Back to Job Search
Location: Lawrenceville, GA
Type: Contract
Our established client is looking for a Compliance Controls Assessor to join their team for a long-term contract opportunity. You will assist the Cybersecurity Team in conducting Security Control Assessments for PCI-DSS, HIPAA, and CJIS, and working with IT to develop and enhance compliance-related processes.
Your Role:
•Assist the company in maintaining compliance with PCI-DSS, HIPAA, and CJIS
•Conduct Security Control Assessment kick off and follow-up meetings with key system stakeholders and client senior management
•Assist with translating control deficiencies into action plans and provide recommendations to enhance practices in alignment with risk and compliance frameworks.
•Work with various internal teams and business partners to define and prioritize remediation efforts, tracking remediation activities, and inspecting/validating solutions that have been implemented
•Provide recommendations to management on how to improve current processes and better secure their systems
•Support the Information Security Team in understanding and identifying process risks and designing and assessing process controls to mitigate those risks
• Work with control owners to identify key departmental objectives, risks, and controls
• Effectively document business processes and identify process improvement opportunities
• Assess and evaluate the adequacy of security controls for compliance with various regulatory security requirements
• Determine whether existing controls are effective in addressing risk and achieving management's objectives
• Develop critical client deliverables including Security Assessment Plans, Security Requirements Traceability Matrices, and Security Assessment Reports
• Prepare and deliver audit reports that concisely summarize audit results
Is this a fit? (Requirements)
BA or BS / MA or MS degree in Computer Science/Engineering, Information Security, Information Systems, Auditing, Information Assurance, Information Security, Intelligence Studies, or Cybersecurity and five (5) years minimum of progressively responsible, professional auditing experience, preferably Big 4 or a mix of external and internal in a large scale Information Technology environment; or, an equivalent combination of education and experience sufficient to successfully perform the essential duties of the job such as those listed above.
Preferred Experience:
• One or more of the following certifications strongly preferred: CIA, CISA, CRISC, CRMA, CFE, or equivalent
• A strong knowledge of risk based advanced IT auditing in a dynamic and changing environment applying appropriate IT control frameworks to evaluate areas of risk
• Minimum 5 years of practical experience directly working with policy and regulatory mandates such as SOC1/SOC2, ISO27001/27002/27031, PCI-DSS, HIPAA, CJIS, and NIST RMF and associated standards such as NIST sp800-171, sp800-34, sp800-53, etc.
• Experience working with other teams to create new processes and procedures to meet security and compliance requirements
• Ability to handle multiple tasks under tight deadlines
• Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change
• Project management process, tools, and techniques
• Knowledge of technology trends and developments
• Must be a critical thinker with strong problem-solving skills
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to interact, communicate, and relate security and risk-related concepts to technical and nontechnical audiences.
• Excellent presentation and facilitation skills
If this sounds like a fit, please apply!
Compliance Controls Assessor
- Location: Lawrenceville, 30046
- Salary: $55 - $65 / hour
- Job Type:Contract
Posted about 2 months ago
- Pay 55 to 65
- Function: End User Technical Support
- Job Ref: 240648
Type: Contract
Our established client is looking for a Compliance Controls Assessor to join their team for a long-term contract opportunity. You will assist the Cybersecurity Team in conducting Security Control Assessments for PCI-DSS, HIPAA, and CJIS, and working with IT to develop and enhance compliance-related processes.
Your Role:
•Assist the company in maintaining compliance with PCI-DSS, HIPAA, and CJIS
•Conduct Security Control Assessment kick off and follow-up meetings with key system stakeholders and client senior management
•Assist with translating control deficiencies into action plans and provide recommendations to enhance practices in alignment with risk and compliance frameworks.
•Work with various internal teams and business partners to define and prioritize remediation efforts, tracking remediation activities, and inspecting/validating solutions that have been implemented
•Provide recommendations to management on how to improve current processes and better secure their systems
•Support the Information Security Team in understanding and identifying process risks and designing and assessing process controls to mitigate those risks
• Work with control owners to identify key departmental objectives, risks, and controls
• Effectively document business processes and identify process improvement opportunities
• Assess and evaluate the adequacy of security controls for compliance with various regulatory security requirements
• Determine whether existing controls are effective in addressing risk and achieving management's objectives
• Develop critical client deliverables including Security Assessment Plans, Security Requirements Traceability Matrices, and Security Assessment Reports
• Prepare and deliver audit reports that concisely summarize audit results
Is this a fit? (Requirements)
BA or BS / MA or MS degree in Computer Science/Engineering, Information Security, Information Systems, Auditing, Information Assurance, Information Security, Intelligence Studies, or Cybersecurity and five (5) years minimum of progressively responsible, professional auditing experience, preferably Big 4 or a mix of external and internal in a large scale Information Technology environment; or, an equivalent combination of education and experience sufficient to successfully perform the essential duties of the job such as those listed above.
Preferred Experience:
• One or more of the following certifications strongly preferred: CIA, CISA, CRISC, CRMA, CFE, or equivalent
• A strong knowledge of risk based advanced IT auditing in a dynamic and changing environment applying appropriate IT control frameworks to evaluate areas of risk
• Minimum 5 years of practical experience directly working with policy and regulatory mandates such as SOC1/SOC2, ISO27001/27002/27031, PCI-DSS, HIPAA, CJIS, and NIST RMF and associated standards such as NIST sp800-171, sp800-34, sp800-53, etc.
• Experience working with other teams to create new processes and procedures to meet security and compliance requirements
• Ability to handle multiple tasks under tight deadlines
• Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change
• Project management process, tools, and techniques
• Knowledge of technology trends and developments
• Must be a critical thinker with strong problem-solving skills
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to interact, communicate, and relate security and risk-related concepts to technical and nontechnical audiences.
• Excellent presentation and facilitation skills
If this sounds like a fit, please apply!
Candidates will be responsible for following the client's COVID-19 protocols. Please refer to your MATRIX representative for specifics.
About Us
At MATRIX, we expertly match talented professionals with job opportunities to elevate careers. Since 1983, we have placed thousands of professionals at innovative clients across every industry ranging from small startups to Fortune 50 companies. It’s why we’re consistently in the top 25 of all U.S. IT staffing firms and why our consultants rate us well above the industry average, earning us ClearlyRated's Best of Staffing awards year after year. People come to us for a job, and stay with us because of our top-notch consultant care.
MATRIX is and Equal Employment Opportunity employer including disability and veteran and provides reasonable accommodations for all qualified individuals. Supporting medical or religious documentation will be required where applicable. If you are a qualified individual you may request a reasonable accommodation under the American Disability Act (ADA). If you are a person with a disability needing assistance applying, or at any point in the hiring process, please email us at MATRIX_HR@MatrixRes.com. To ensure a quick response to your request, please use the words “Accommodation request” as the subject line of your email.
For hourly W2 contract roles MATRIX offers a highly competitive benefit package including Medical, Dental, Vision, Life, Disability, HSA, and 401(k) with pre and post-tax options. Please see MatrixRes.com/Benefits for more information.
For direct hire placement with our clients, benefits would be offered in accordance with that particular client’s offerings. This may include PTO, Medical, Dental, Vision, 401K and other pre and post-tax options.