Job Description:
Information Security & Compliance
Location: Lincolnshire IL
Type: Long term Contract

Note: CISSP Certification is Mandatory.

Must Have Skills:
Main responsibilities will include internal security risk assessments, partnering with stakeholders to ensure management of IT risks, and project management for regulatory testing and remediation of findings.
· Oversees a varied and complex program covering multiple domains and disciplines.
· Owns and maintains Project Management framework for use by aligned Project Managers.
· Facilitates change management activities.
· Drives quality management across the program.
· Consults with senior leadership on overall business strategy to create and manage the overall program strategy.
· Creates business cases to support program prioritization.
· Creates and maintains program artifacts.
· Responsible for program level reporting including accounting for key project level rollups.
· Integrates multiple projects across resource, priority, and timeline dimensions.
· Manages and resolves program and project resource constraints.
· Identifies and manages program level risks.
· Leverages available data and analytics to drive program level strategy and actions.
· Owns relationships with internal and external stakeholder teams; facilitates regular updates with senior leaders and stakeholders.
· Manages program financials and resource allocation budget.
· Owns and manages escalated program issues to resolution.
· Coaches, mentors and/or manages aligned project managers.

Responsibilities
· Execute effective security risk assessments and coordinate with Foundation Technology, Workspace Technology and Global Security Services team in delivering ITGC mandates
· Maintain regional and local stakeholder relationships, meeting schedules, minutes, RACI and partnering accountability
· Contribute toward continuous improvement in methodologies and practices of ITGC to attain higher capability maturity levels
· Provide support for Evidence Repository (i.e. bWise, Archer, Connect)
· Appropriately challenge and require high quality findings and issue definition from regional and local control owner / assurance partners
· Provide support of policy/standards exceptions, report status to regional and local management, and advise on corrective actions
· In conjunction with the Assessment Manager, provide advisory services and activities including risk assessments, definitions of policy and standard documentation, and interpretation of compliance results
· Maintain, manage and monitor regional and local compliance to the internal control frameworks such as the IT Risk Standards, the Consolidated IT Control Catalog, Internal Controls Framework, SOX, HIPAA, PCI, SOC1-2, HiTRUST regulatory / legal and other obligations / requirements
· Prepare stakeholder presentations for Assessment Manager, regional stakeholders and senior leadership
· Partner with Internal Audit on remediation of findings
· Bachelor's degree in Business, Computer Science or equivalent experience required
· Master's degree desirable, not required
· 15+ years of work experience
· Minimum 5 years working in area of ITGC or controls function
· Prior experience in audit, risk management, governance, IT security and/or compliance functions
· Proven experience dealing with ambiguous situations, and producing a consistent result with varied input
· Project management background
OTHER SKILLS:
· Knowledge of information risk concepts and practices required
· Knowledge of controls manifestation in large global corporations with regional and local presence is required
· Experience of working across business units and geographical boundaries to engage IT, business and team members is required
· Ability to investigate, question and interpret internal and external security environments is required
· Knowledge of Frameworks, including SOX, HIPAA, PCI, SOC1, SOC2, HiTRUST is a plus
· Detailed knowledge of ITGC, Auditing principles / practices is desired
· Good understanding of Vendor management desired
· Good understanding of security frameworks desired
· Good project management skills desired
· CISSP, CISM, CISA, ITIL and/or COBIT
· PMP Certification - Prince2 or PMI (preferred)
· Agile (preferred)
· SCRUM (preferred)
· Flexibility to work on weekends and holidays
· Multi-lingual (preferred)


Ashish Mishra
Zodiac Solutions Inc.
880 E Swedesford Road, Suite #210, Wayne, PA 19087.