Sr. Information Security Compliance Analyst

Full Time
Remote
$70.02 - $75.49 an hour
Job description

There’s a JD below, but we’re basically seeking a Sr. Information Security Compliance Analyst with experience in FISMA / NIST / SOC-2, Strong Documentation, Info Sec Compliance.

Preferred: CISA/CISM/CRISC/CISSP/ISAAP

This is a 6-month contract, EST hours, location: Remote

VISA: USC/GC

Job Description:

Duties/Responsibilities:

  • Analyze management and technical controls to ensure that specific security and compliance requirements are met through the verification of documented processes, procedures and standards in order to validate the maintenance of secure configurations.
  • Map NFA requirements and regulatory requirements across the information security framework to identify overlapping requirements and compliance efficiencies.
  • Track enterprise compliance across multiple security frameworks including SOC 2, NIST, and FISMA and maintain up-to-date records of requirements and corresponding mitigating controls.
  • Monitor third-party risk assessments and assist in performing internal risk assessments.

  • Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.

  • Monitor NFA's change management process to ensure compliance.
  • Develop key performance metrics to track and ensure compliance with established policies and standards.
  • Support the development of security processes and procedures and support service-level agreements to ensure that security controls are managed and maintained.
  • Participate in the development of security and privacy awareness training in conjunction with other members of the Security Compliance group.

Requirements:

  • Bachelor's degree in business, with IT audit or compliance experience, or computer science, with business and IT audit or compliance experience desired
  • Knowledge and understanding of FISMA, NIST, and SOC-2 information security standards
  • Working knowledge of common IT security-related regulations and/or standards such as Sarbanes-Oxley and ISO is highly desired
  • Minimum five years’ experience conducting security control assessments or audits
  • Minimum two years’ experience developing or managing a security awareness program
  • SOC-2 audit experience from a major professional services firm is highly desired
  • At least one industry certification (e.g. CISA, CISM, CRISC, CISSP, ISAAP) highly desired
  • Strong oral and written communication skills
  • Ability to maintain security documentation and manuals
  • Must have strong analytical and critical-thinking skills
  • High level of attention to detail; a self-starter with the ability to work independently, multi-task, and adjust to shifting priorities

Job Type: Contract

Pay: $70.02 - $75.49 per hour

Benefits:

  • Health insurance

Schedule:

  • 8 hour shift

Experience:

  • Linux: 1 year (Preferred)
  • Cybersecurity: 1 year (Preferred)
  • Information security: 1 year (Preferred)

Work Location: Remote
