18 days old
2018-01-022018-01-30

- Information Technology Compliance Analyst -

Washington, DC 20433
  • Job Code
    593739

Position Overview:


The Office of Information Security (OIS) ensures that security efforts throughout the Client are coordinated and aligned with the Bank's business and IT strategy. This Office delineates the Client's information security plans and ensures, in coordination with the Information Security Council, that resources and all implementation of plans, procedures, and standards are reviewed, supported, and deployed in the most effective and efficient manner and are consistent with overall risk management. The Client Office of Information Security needs a suitable resource to support the Compliance functions. The Analyst should be able to support Compliance function, wherein s/he will be expected to validate Key Controls in ITGC areas and assist in Control implementation and documentation of Processes and procedures to address internal controls over Financial Reporting requirements. S/he will be expected to develop test plans and procedures to access the effectiveness of controls and capable to assist in ISO 27001 & 27000 certification efforts.


Essential Job Functions:


- Assist in the development and implementation of sustainable compliance framework and processes in the Client to meet IT policies, business requirements, and applicable legal and regulatory requirements


- Conduct IT Technology and process audits as well as compliance assessments based on COBIT, ISO 27001 & ISO 20000 frameworks.


- Assist in controls implementation, including documentation of processes and procedures to address Internal Controls over Financial Reporting (ICFR) requirements for the IT General Computer Controls (ITGC) for Information Security, Change Management, and IT Operations areas


- Independently assess the design effectiveness of IT General Computer Controls for Information Security, Change Management, and IT Operations


- Develop test plans and detailed test procedures to assess operating effectiveness of the IT General Computer Controls for Information Security, Change Management, and IT Operations


- Assess compliance against technical standards for various platforms and technologies.


- Collect, evaluate, and maintain data to ensure that required management reporting is completed as needed (this also includes inputting appropriate data into systems such as RSAM & Bwise)


- Assist in ISO 27001 & ISO 20000 certification efforts, including risk assessments, internal compliance assessments, and program management


- Assist in monitoring open audit items form audits, such as Client internal audit department (IAD) IT audits, external financial audits on Internal Controls over Financial Reporting (ICFR), and ISO 27001 & ISO 20000 certification audits to ensure execution of remedial activities defined in the agreed action plans and risk treatment plans


- Perform other duties in the compliance work program, as assigned


Educational Qualifications and Experience:


- Education: MA/MS (In Computer Science, Information Systems or a related technical field or equivalent combination of education and experience. BS/BA is minimum education requirement.)


- Role Specific Experience: Minimum 5+ years' experience working in an information security, information technology or compliance related field;


- Experience in conducting design and operating effectiveness testing for the ITGCs


- Demonstrated experience in implementing compliance frameworks for financial services organization or organizations with similar information security needs and requirements


- Experience in conducting assessments, designing processes, and implementing SOX controls for the IT General Computer Controls (ITGCs) areas for the IT General Computer Controls (ITGC) for Information Security, Change Management, and IT Operations


- Experience in auditing platforms (UNIX, Windows) and databases (Oracle);


Certification Requirements:


- Industry certifications highly preferred, including but not limited to Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), and Information Systems Security Management Professional (ISSMP)


Required Skills/Abilities:


- Familiarity and understanding of broad range of IT hardware and software products


- Good understanding of industry standards and regulations including COBIT, COSO, and SOX


- Good knowledge and demonstrated work experience of the use of ISO 27001 control framework and Information Security Management System (ISMS) implementation


- Demonstrated knowledge of IT and security controls for network, database, application and operating systems. Strong knowledge and work experience with logical access controls


- Knowledge of ERP and financial system including but not limited to SAP, PeopleSoft and Summit, Enterprise GRC systems such as BWise and RSAM


- Self-motivated with the ability to work independently and within groups with minimal supervision


- Excellent written and verbal communication skills, presentation, and problem solving skills, and ability to interact well with peers and internal customers


- Highest ethical standards


Desired Skills/Abilities (not required but a plus):


Pluses for Levels: (for level II, III):


Experience Matrix for Levels:


- Level II - 5+ years of experience

Categories

  • Information Technology

Randstad utilizes a technology-driven focus with a human touch to provide better staffing and business solutions to organizations around the world. Our team of experts match professionals with available career opportunities in a variety of fields.

Featured Jobs

Career News

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

- Information Technology Compliance Analyst -

Randstad Technologies
Washington, DC 20433

Share this job

- Information Technology Compliance Analyst -

Randstad Technologies
Washington, DC
US

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast