IT Compliance Analyst
Ref No.: 18-40129
Location: Etna, Ohio
Position Type: Right to Hire
Skill Type: Information Technology
General Summary
Reporting to the Compliance Manager, this role is responsible for completing assigned SOX, PCI, GDPR and HIPAA compliance tasks, which include documenting controls, performing control assessments, leading remediation tasks, and assisting in the documentation gathering and tracking of auditors' requests. Interaction will include all levels of management and independent auditors. Personal qualities include ongoing independence, professionalism and objectivity, as a respected internal consultant with a high degree of integrity and respect for maintaining confidentiality.

Key Responsibilities
1. Assist with the identification, mapping, design and implementation of controls.
2. Perform compliance testing of various information technology controls for SOX, PCI, GDPR, HIPAA, SOC1, SOC2.
3. Assist in the remediation and tracking of control gaps.
4. Work with independent auditors to provide testing documentation and tracking of requests.

Qualifications
1. BS/BA - Management Information Systems (MIS), Computer Science and/or Accounting, Business Finance.
2. Professional certification or designations such as CISA, CISM, CISSP or PCI-QSA highly recommended.
3. Minimum 5 years of IT compliance / risk experience.
4. Working knowledge of policies and procedures; governance practices and control frameworks (COBIT, ITIL, NIST); and regulatory obligations (SOX, PCI, GDPR, HIPAA) as they relate to information systems.
5. Working knowledge of information technology general controls concepts in the areas of systems development (including design, implementation and/or assessment toward solutions), change management, computer operations.
6. Understanding of various operating system platforms including Windows 200X, UNIX, etc.
7. Working knowledge of relational database security concepts and platforms, including Oracle, Microsoft SQL Server and DB2.
8. Working knowledge of enterprise network and systems architecture concepts and technologies, including but not limited to enterprise directory, enterprise integration architecture, and identity & access management.
9. Working knowledge of security controls for internet-facing e-commerce

Nesco Resource is an equal employment opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or veteran status, or any other legally protected characteristics with respect to employment opportunities.