Title: GRC Compliance Analyst
Location: Houston, TX
Duration: Direct Hire
Work Requirements: US Citizen, GC Holders or Authorized to Work in the US
Qualified candidates may send a copy of their resume (Word Format) to Danielle Raisi at (url removed)
Job Description:
The Information Services (IS) Compliance Analyst will join the Information Technology Governance, Risk & Compliance (IT GRC) Team to support and enhance the Security and Compliance Programs.
This will include, but is not limited to: Administration of Regulatory Compliance Programs, Ensuring Adherence to Policies & Procedures, Performing Risk Assessments, ensuring programs and initiatives adhere to the client's Control Framework, and supporting Cybersecurity Compliance efforts.
Job Responsibilities
The primary responsibility of the IS Compliance Analyst role is to facilitate and manage the ongoing assessment of Sarbanes-Oxley Act (SOX), Payment Card Industry – Data Security Standard (PCI-DSS), and Data Security Agreement (DSA) compliance programs
Collect, review, and analyze data from information systems
Perform SOC report reviews
Monitor control deficiencies, and support management in the development of remediation plans to address deficiencies in a timely manner
Assist project teams with creation and implementation of IT controls
Collaborate with Internal Audit and/or External Audit Teams in developing, testing, and creating action plans to effectively meet applicable IT control objectives
Develop cybersecurity awareness and training materials
Enforce adherence to IT Policies, Standards & Procedures by being an integral part of the ongoing and ad-hoc initiatives
Maintain awareness and knowledge of current changes within legal, regulatory, and technology environments, which may affect operations
Maintain GRC systems and tracking metrics of controls and status
Ensure management and peers are informed of any changes and updates in a timely manner
Work with multiple business units, diverse teams, and service providers to accomplish the department's mission
Create high quality deliverables in terms of both content and presentation
Independently prioritize and manage work responsibilities across multiple work streams
Maintain membership in appropriate professional organizations and publications
Skillset / Experience:
Minimum of up to 3 years of technical experience in IT GRC or IT audit related experience
Bachelor's Degree or equivalent
Demonstrated experience with IT Compliance in some combination of SOX, PCI-DSS, and/or DSA
Strong analytical skills and technical knowledge of some combination of the following: Client/Server architectures, Network architectures, Databases, Web Applications, ERP Applications, and Cloud-based environments
Ability to balance project work with day-to-day administrative tasks and troubleshooting in a highly dynamic business environment
Attends meetings, seminars and conferences and maintains continuity of any required or desirable certifications, if applicable
Demonstrated working knowledge of some combination of IT control frameworks (NIST 800-53, NIST 800-171, ISO 27001, COBIT), security concepts and strategies
Applicable Certifications: All preferred but not required depending on experience/background
CISA (Certified Information Systems Auditor), or
CIA (Certified Internal Auditor), or
CRISC (Certified in Risk and Information Systems Control), or
PCIP (Certified Payment Card Industry Professional)
About INSPYR Solutions:
As a leading information technology partner, we connect top IT talent with our clients to provide innovative business solutions through our IT Staffing, Professional Services, and Infrastructure Solutions divisions. We understand and value the unique needs of highly-skilled information technology professionals in the industry and always strive to stay above the curve. Our company was founded on the following core values: Be the Best, Understand the Urgency, Never Ever Give Up, Have the Courage to Excel, and Make a Contribution. We take pride in our business model and strive to create a positive workplace environment through an exemplary culture.
INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.