Security & Compliance Specialist

» Security & Compliance Specialist
Information Technology
in Seattle
, WA
Reference: 19-03350
Responsibilities:
  • Developing the overall timelines and project plans for necessary compliance work, including the following types of activities: collection and QA of requested documentation, process and control walkthroughs, testing, observations/interviews with Auditors, and remediation to address any control gaps
  • Working with the internal and external auditors as they conduct their audits; this could include coordinating and facilitating site visits, providing them with all requested documentation, and addressing resulting questions or concerns
  • Partnering with internal stakeholders, of varied leadership levels, with responsibility for in-scope applications to educate them on compliance requirements, ensure appropriate controls are in place to meet the requirements and assist them with outlining remediation plans to address any deficiencies
  • Providing work direction to compliance team members, including on-site and off-shore resources
  • Working with Corporate resources to ensure alignment with the overall enterprise Compliance programs
  • Analyzing changes in regulations for our compliance programs and implementing plans for these to be sufficiently addressed
Preferred Qualifications:
  • Expert project/program management skills, with strong emphasis on organization, communication and prioritization skills
  • Demonstrated verbal and written communication skills
  • Demonstrated record of taking initiative and thorough follow thru
  • Self-starter with leadership skills and the ability to manage multiple tasks concurrently
  • Strong analytical and decision-making skills
  • Strong negotiation and influencing skills
  • Ability to build and maintain constructive working relationships with a diverse community of technical and non-technical audiences
  • Demonstrated experience in identifying compliance risk and development of mitigation/remediation plans
  • Ability to work in large global environments spanning multiple time-zones
  • Experience using the Archer/RSA Governance, Risk and Compliance tool as a document repository for Compliance documentation
  • In depth knowledge of laws, regulations, and industry requirements related to Information Security (i.e. Payment Card Industry, Domestic and International Privacy regulations)
Basic Qualifications:
  • 8+ years of IT audit or IT compliance experience
  • 8+ years of program and project management experience
  • Ability to understand technical risks and issues and recommend solutions to address
  • Ability to communicate technical concepts in business terms
  • Ability to articulate IT compliance requirements and design IT controls
  • CISA certification required
  • BA/BS or equivalent