IT Compliance Manager in 3445 Peachtree Rd NE, Atlanta, GA 30326 at CareerBuilder

Date Posted: 11/12/2019

Job Description

US - CareerBuilder

Position: IT Compliance Manager

The role will manage and execute risk management functions and security project management, promote organizational security awareness functions, and assist the Senior Manager of Global Information Security Risk and Compliance in policy development. In this role, the manager will also ensure the organization complies with statutory and regulatory requirements and standards regarding information storage, access, security and privacy. The ideal candidate will have a track record of success in the information security field and possess a solid understanding of information security methodologies, as well as of regulatory and compliance requirements as they relate to all lines of business and across all functional areas within CareerBuilder.

Responsibilities:

  • Function as point of contact and subject matter expert relating to IT Governance & regulatory compliance.
  • Drive the identification, implementation, and improvement of the organizational privacy strategy, framework, and standards globally.
  • Develop and implement processes to identify and address evolving privacy risks inherent in the organization’s operations, and in the development of new products, services and technologies
  • Define, enable and manage processes for data subject/individual rights and requests, and ongoing tracking and monitoring of such processes and requests.
  • Provide “privacy by design” counseling to cross-functional teams for new products and initiatives
  • Define and maintain privacy related management information to assist with reporting and demonstrating accountability to relevant stakeholders
  • Maintain and report on security controls required by NIST, HIPAA-HITRUST, GDPR, PCI, SSAE-18 Type 1 SOC 2, ISO 27001 & SOX and other regulatory requirements and security and privacy compliance frameworks
  • Execute risk assessment and continuous compliance monitoring (auditing) of IT controls
  • Coordinate IT participation in and follow-up on internal and external audits
  • Assist in managing the planning, designing, writing, and finalization of policies, control framework and procedures to comply with NIST guidelines.
  • Monitor remediation activity and verify control effectiveness for identified weaknesses
  • Coordinate IT SMEs and documentation in preparation for customer or other authority audits
  • Perform assessments of third-party service providers, including cloud services, for adherence to best practices or known frameworks like NIST, etc.
  • Prepare and distribute reports to IT staff and management
  • Provide consultation to IT staff in interpretation of audit observations and formulation of corrective action plans
  • Oversee documentation, reporting, and closure of compliance or quality issues
  • Provide interpretation and consultation to staff and project teams on regulations, guidelines, compliance status, and policies and procedures.
  • Other duties as assigned

The above statements represent a general outline of principal job functions and should not be construed as a complete description of all aspects and requirements inherent in this job.

Job Requirements:

Qualifications:

  • 3-7 years’ experience in privacy regulations (e.g. GDPR, HIPAA, CCPA, PIPEDA, etc.) and demonstrable experience in the interpretation of and compliance with such regulations in a complex business environment.
  • 3-7 years’ experience in IT or Audit, including specialization in IT Security and/or a combination of IT Compliance, IT Audit, and Information Security
  • Five (5) years’ experience managing IT Compliance programs and monitoring, with specific emphasis on NIST/ISO/HIPAA/PCI/SSAE-18 related requirements.
  • Subject matter expertise with security and compliance lifecycles and industry frameworks, standards, and guidelines (NIST, FISMA, ISO, COBIT, ITIL)
  • Experience and expertise in the development, execution, and maintenance of HITRUST compliance or equivalent HIPAA experience.
  • Bachelor’s degree in Computer/Information Science (or related BS degree).
  • Must be able to build and leverage internal and external relationships, facilitate decisions and results at all levels of the enterprise, and drive strategies and projects to solution.
  • Be able to manage a wide range of compliance issues relating to information security; coordinate remediation efforts throughout the enterprise, analyze risks and implement mitigation actions.
  • Demonstrated analytical and problem-solving skills applied to both technical and business challenges.
  • Knowledge of applicable practices and laws relating to data privacy and protection.
  • Knowledge of basic software programming paradigms and best practices inclusive of, but not limited to, Privacy by Design and OWASP.
  • General knowledge of hardware systems and architectures, both traditional data center and public-cloud.
  • SDLC operational lifecycle familiarity
  • Ability to relate regulatory or framework requirements to multiple parties including engineering staff of both hardware and software.
  • Project management experience.
  • Experience in strategic planning, budgeting, consulting, and general industry experience.
  • Proficient ability to react to high-pressure, dynamically changing environments.
  • Proficient ability to effectively utilize resources throughout the organization as well as external vendors.
  • Demonstrated effective leadership and communication skills.
  • Experience working in a team-oriented, collaborative environment.
  • Demonstrated results orientation, initiative, attention to detail, and customer service orientation.
  • Excellent written, verbal and presentation communication skills
  • Obtained or demonstrates an active pursuit of one or more of the following certifications: CISM, CISA, CGEIT, CRISC certifications, Project Management Professional (PMP) or other related certifications.
  • 3-5 years' Project Management experience, to include participation in life cycle project implementations (from scoping/planning, requirements gathering, design, development, testing, launch and support).

This position will work with confidential and proprietary information that requires a signed Employee Non-Disclosure Agreement upon hire.

Benefits - We’re All About You!

When you're focused on the goal, not the path – you can be more flexible, and that translates into more productive and satisfied employees. From flexible hours to volunteering during work hours to diverse education opportunities, CareerBuilder is committed to helping employees strike a balance. 

Here are just some benefits we offer:

  • Training that positions you to hit the ground running with ongoing learning and development courses; we never stop investing in our people.
  • Comprehensive Medical, Dental & Vision Programs
  • Education Reimbursement Program allowing up to $5K per year towards completion of a Bachelor’s and non-MBA graduate degree, and up to $10K per year towards completion of an MBA
  • Global Wellness initiatives to promote financial, mental and physical health and well-being
  • 401(k) Program with a two year vesting schedule, discretionary match, and an opportunity to make Pretax and Roth contributions

CareerBuilder, LLC is proud to be an Equal Opportunity Employer. Applicants are considered for all positions without regard to race, color, religion, sex, national origin, age, disability, sexual orientation, ancestry, marital or veteran status.

 

TSR ID: 001560