Collaborate with cross functional teams to validate they are effectively implementing relevant security controls, understand their operations, and compliance with corporate standards.
Monitor and enhance the controls necessary to achieve and maintain SOC 2, PCI DSS, HIPAA, NIST 800-53, ISO 27001, GDPR, and other compliance requirements. Routinely test controls as required.
Assist external parties delivering projects related to compliance or other security initiatives.
Facilitate and provide governance over internal assessments and external audits of the compliance programs.
Develop, revise, and maintain remediation plans in coordination with the remediation owners. Track the remediation plans to closure.
Manage and develop the cyber security control frameworks supporting security compliance objectives.
Maintain tools and processes that enable governance of compliance.
Assist in the development of key reporting metrics and executive presentations to promote awareness and support of compliance programs.
Performance of other duties and responsibilities as assigned.
Minimum:
BA degree Cybersecurity, Computer Science, IT Management or other directly related field and 10+ years of experience in related field.
5 years information security controls, information technology audit, or security risk management.
Ability to influence across functional teams to achieve desired business results.
Excellent verbal and written communication skills.
Strong attention to detail, well organized, and able to manage time effectively.