IT Compliance Manager in Atlanta, GA at CareerBuilder

Date Posted: 8/7/2018

Job Description

US - CareerBuilder

The role will manage and execute risk management functions and security project management, promote organizational security awareness functions, and assist the Vice President of Global Information Security in policy development. In this role, the manager will also ensure the organization complies with statutory and regulatory requirements and standards regarding information storage, access, security and privacy. The ideal candidate will have a track record of success in the information security field and possess a solid understanding of information security methodologies, as well as regulatory and compliance requirements as they relate to all lines of business and across all functional areas within CareerBuilder.

Responsibilities:

  • Function as point of contact and subject matter expert relating to IT Governance & regulatory compliance.
  • Supporting activated incident management teams as a central resource for coordination
  • Organizing and conducting exercises and tabletop simulations. Assist with documentation relating to exercise planning and facilitation, as well as incident response activities
  • Compiling, monitoring, analyzing, and reporting on applicable global threat monitoring results, trends and standards related to Incident / Crisis Management
  • Day-to-day maintenance of Business Impact Analyses and Business Recovery Plans, including initiation, tracking, and audit of plan review and approval process
  • Regularly audit BCM plans and incident response documentation for accuracy and completeness
  • Help ensure that Business Resilience data and processes are aligned and integrated with other facets of the department, including disaster recovery, vendor risk management, crisis analysis and response and compliance
  • Plan and perform IT Risk Assessments of business processes, applications, and services
  • Maintain and report on security controls required by NIST, HIPAA-HITRUST, GDPR, PCI, SSAE-18 Type 1 SOC 2, ISO 27001 & SOX and other regulatory requirements and security and privacy compliance frameworks
  • Execute risk assessment and continuous compliance monitoring (auditing) of IT controls
  • Coordinate IT participation in and follow-up on internal and external audits
  • Assist in managing the planning, designing, writing, and finalization of policies, control framework and procedures to comply with NIST guidelines.
  • Monitor remediation activity and verify control effectiveness for identified weaknesses
  • Coordinate IT SMEs and documentation in preparation for customer or other authority audits
  • Performs assessments of third-party service providers, including cloud services, for adherence to best practices or known frameworks like NIST, etc.
  • Plans, contracts for, and directs periodic disaster recovery tests, which requires reestablishing the information systems capability at a remote disaster site.
  • Prepare and distribute reports to IT staff and management
  • Provide consultation to IT staff in interpretation of audit observations and formulation of corrective action plans
  • Oversee documentation, reporting, and closure of compliance or quality issues
  • Provide interpretation and consultation to staff and project teams on regulations, guidelines, compliance status, and policies and procedures.
  • Other duties as assigned

The above statements represent a general outline of principal job functions and should not be construed as a complete description of all aspects and requirements inherent in this job.

Job Requirements:

Qualifications:

  • 3 - 7 years’ experience in IT or Audit, including specialization in IT Security and/or a combination of IT Compliance, IT Audit, and Information Security, and must include the following: Five (5) years’ experience managing IT Compliance programs and monitoring, with specific emphasis on NIST/ISO/HIPAA/PCI/SSAE-18 related requirements.
  • Subject matter expertise with security and compliance lifecycles and industry frameworks, standards, and guidelines (NIST, FISMA, ISO, COBIT, ITIL)
  • Bachelor’s degree in Computer/Information Science (or related BS degree).
  • Must be able to build and leverage internal and external relationships, facilitate decisions and results at all levels of the enterprise, and drive strategies and projects to solution.
  • Be able to manage a wide range of compliance issues relating to information security; coordinate remediation efforts throughout the enterprise, analyze risks and implement mitigation actions.
  • Demonstrated analytical and problem-solving skills applied to both technical and business challenges.
  • Knowledge of applicable practices and laws relating to data privacy and protection.
  • General knowledge of computer hardware systems and architectures.
  • SDLC operational lifecycle familiarity
  • Project management experience.
  • Experience in strategic planning, budgeting, consulting, and general industry experience.
  • Proficient ability to react to high-pressure, dynamically changing environments.
  • Proficient ability to effectively utilize resources throughout the organization as well as external vendors.
  • Demonstrated effective leadership and communication skills.
  • Experience working in a team-oriented, collaborative environment.
  • Demonstrated results orientation, initiative, attention to detail, and customer service orientation.
  • Excellent written, verbal and presentation communication skills
  • Has obtained, or demonstrates an active pursuit of, one or more of the following certifications: CISM, CISA, CGEIT, CRISC, Project Management Professional (PMP) or other related certifications.
  • 3-5 years' Project Management experience, to include participation in life cycle project implementations (from scoping/planning, requirements gathering, design, development, testing, launch and support).

Benefits - We’re All About You!

When you're focused on the goal, not the path – you can be more flexible, and that translates into more productive and satisfied employees. From flexible hours to volunteering during work hours to diverse education opportunities, CareerBuilder is committed to helping employees strike a balance. 

Here are just some benefits we offer:

  • Training that positions you to hit the ground running with ongoing learning and development courses; we never stop investing in our people.
  • Comprehensive Medical, Dental & Vision Programs
  • Education Reimbursement Program allowing up to $5k per year towards completion of a Bachelor’s and non-MBA graduate degree, and up to $10K per year towards completion of an MBA! No strings attached!
  • $400 Annual Reimbursement for Wellness Activities, including your gym membership!
  • 401(k) Program with Strong Employer Match and 2 year vesting schedule!

CareerBuilder, LLC is proud to be an Equal Opportunity Employer. Applicants are considered for all positions without regard to race, color, religion, sex, national origin, age, disability, sexual orientation, ancestry, marital or veteran status.

 

TSR ID: 000876