Determine and maintain an inventory of all regulatory, commercial and organizational technology compliance requirements. Facilitate the creation and upkeep of all technology compliance policies. Create an IT compliance risk assessment scorecard and periodically assess the regulatory, commercial, governmental and organizational IT compliance risks. Identify the associated IT compliance control gaps and oversee the documentation, implementation, testing and remediation of the entire IT compliance control portfolio. Assist with the annual IT SOX internal/external audits and remediation planning. Review and create periodic audit reports on user access and system activities. Develop and direct IT compliance control monitoring programs to ensure IT compliance-related risks are managed to the appropriate level of acceptable corporate risk. Implement and maintain an IT compliance issue management tracking and resolution process that will address known issues, according to severity and potential impact to the organization. Report the levels of IT compliance risk and control effectiveness to key stakeholders such as IT-business unit management, senior management, the board of directors, legal, regulators, internal/external auditors, etc. Coordinate audit-related tasks such as ensuring the readiness of IT managers and their organizations for audit testing and facilitating the timely resolution of any audit findings. Provide technical advice and insight on compliance requirements to business leaders. Assist business and IT managers with the acquisition of tools and applications to assist with IT compliance-related projects, audits, and initiatives.

Requirements

3-5 years of IT Compliance, Information Security and Audit experience. Technical proficiency in IT compliance and audit support software and tools. Ability to function as a subject matter expert to other IT/business groups on compliance-related matters. Knowledge of IT security controls for midrange computers, servers, databases, PCs, laptops, and tablets. Solid knowledge of the Sarbanes-Oxley Act (SOX), EU GDPR and PCI-DSS compliance. Familiarity with the NIST, ITIL, COBIT, ISO 27000 and PCI-DSS cybersecurity frameworks and their subsequent components. Experience with risk analysis tools, technologies, and policies, and an understanding of business impact. Proficiency in performing risk, business impact analysis, control and vulnerability assessments, and in defining remediation strategies.