Senior Compliance Specialist

Company: Global Technical Talent
Location: Vacaville
Posted on: May 9, 2022

Job Description:

Senior Compliance SpecialistJob Description:

• Senior Compliance Specialist obtains reviews and interprets organizational IT policies, standards, and procedures to identify control points that would assist in mitigating risk to the business.
• Evaluate environments involved in the new system and system upgrade projects to determine general computing control requirements.
• Work with system owners to complete process documentation and identify control objectives that are based on risk mitigation.
• Document control activities and establish test objectives and test plans to validate controls operating effectively and efficiently.
• Perform quality assurance reviews on completed/documented test results
• Produce testing and remediation status reports based on pre-established standards
• Work with system owners to determine the root cause of any identified control gaps/deficiencies.
• Work with system owners to establish corrective action plans that will result in repeatable, sustainable resolution to control gaps/deficiencies.
• Evaluate existing processes and control points for potential process improvement and increased maturity.
• Perform walk-thru of multi-platform level controls that have been remediated or updated as a result of previously identified deficiencies.
• Perform other tasks as necessary to ensure IT Audit and Compliance meets its commitments to customers.
• Demonstrates advanced knowledge and technical competence
• Senior Compliance Specialist exercises independent judgment and discretion in matters of significance with broad scope and high complexity
• Independently sets priorities and work schedules. Manager/supervisor performs QA on work.
• Independently drive work efforts to resolution with minimum manager/supervisor involvement Top Things/Task:Mentor EMS (Energy Management System) integration team to understand NERC CIP standards and apply for projects including:
  • CIP-002-5.1a, R1 (BES Cyber System Categorization)
  • CIP-004-6, R1 (Cyber Security - Personnel & Training)
  • CIP-005-6, R1-R2 (Cyber Security - Electronic Security Perimeter)
  • CIP-007-6, R2 (Cyber Security - System Security Management)
  • CIP-010-3, R3-R4 (Cyber Security - Configuration Change Management & Vulnerability Assessments) Job Requirements:Minimum Qualifications:
    • BA/BS in Computer Science, Business, or equivalent experience; typically requires 5 - 7 years of IT experience and 3 - 5 years of IT security or IT risk management experience
    • CIA, CISA, or CISSP certification required
    • Advanced understanding of network and systems security, system and network configuration, and application security
    • Extensive knowledge of key systems and processes
    • Advanced understanding of general computing controls (GCCs)
    • Able to identify moderate to complex control gaps and the related business risk.
    • Working knowledge of generally applicable and accepted auditing standards and frameworks (e.g. COBIT) and best practices for IT services management (e.g., ITIL), government guidelines and laws (e.g. Sarbanes Oxley Act, NERC/CIP). Note:
      • Local Candidates only as this is an Onsite role.
      • The client's laptop will be provided

Keywords: Global Technical Talent, Vacaville , Senior Compliance Specialist, Other , Vacaville, California