Title: IT Compliance Advisor
Location: Memphis, TN 38125
Term: 10 Months Contract to Hire
- Performs advanced IT compliance work in the areas of regulatory compliance, risk assessment and risk mitigation
- Leads audits both internally and externally, including third-party vendor audits and client-initiated IT audits
- Performs critical project management duties in the scheduling, coordinating, reviewing and reporting of the work of IT compliance teams.
- Assists in validating the ongoing compliance within the IT organization to the ISO 27001:2013 standard.
- Develops and maintains productive internal and external stakeholder relationships; communicates with company management, clients, carriers, vendors and other stakeholders as needed during IT compliance activities.
- Leads audits with clients, carriers and other external stakeholders in critical or sensitive communications regarding IT compliance and audits.
- Prepares audit and compliance reports, analysis and recommendations using advanced writing skills.
- Assesses risk factors to identify high risk areas within IT.
- Assists in developing risk remediation plans and manages related projects to completion.
- Attends, presents and/or participates in continuing professional education classes and training courses.
- Follows up on audit findings to ensure that management has taken corrective action(s).
- Conducts or supervises IT operational, compliance, and investigative audits as required.
- Will report directly to me and will be responsible for reviewing contract language for IT security, audit, and other related areas to adjust to our requirements
Is this a good fit? (Requirements):
- 8 years of information technology, audit or related industry experience or equivalent combination of education and experience required
- 5 to 7 years of IT experience, preference being IT security or regulatory compliance experience
- Thorough understanding of internal control and data security concepts and their applications
- Proficient knowledge of IT compliance frameworks (i.e. SSAE 16 and ISO 2700x frameworks at minimum)
- Knowledge of IT risk management, risk mitigation, data protection and security, and investigation procedures
- Experience with basic system architecture concepts and processes
- Creative and analytical approach to problem solving
- Excellent detail orientation, time management skills and organization skills
- Excellent interpersonal skills and ability to work with various levels within the organization
- Ability to maintain confidential information in a professional manner
- Ability to maintain professional demeanor in times of high stress
- Ability to manage multiple projects and set priorities
- Ability to work in a team environment and independently
- IT security or regulatory compliance experience preferred
- Experience performing contract reviews preferred
- Preferred certifications: CRISC, CISM
- Must have familiarity with legal language
- MBA preferred
- Bachelor's degree from an accredited college or university preferred
At least one of the following credentials preferred:
- Certified Internal Auditor (CIA), Certified Information System Security Professional (SSCP), Certified Information Systems Manager (CISM) designation, Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Auditor (CISA) designation
If this sounds like the perfect fit, Apply Today!