Senior Compliance Specialist
Company: Global Technical Talent
Location: Vacaville
Posted on: May 9, 2022
Job Description:
Senior Compliance SpecialistJob Description:
- Senior Compliance Specialist obtains reviews and interprets
organizational IT policies, standards, and procedures to identify
control points that would assist in mitigating risk to the
business.
- Evaluate environments involved in the new system and system
upgrade projects to determine general computing control
requirements.
- Work with system owners to complete process documentation and
identify control objectives that are based on risk mitigation.
- Document control activities and establish test objectives and
test plans to validate controls operating effectively and
efficiently.
- Perform quality assurance reviews on completed/documented test
results
- Produce testing and remediation status reports based on
pre-established standards
- Work with system owners to determine the root cause of any
identified control gaps/deficiencies.
- Work with system owners to establish corrective action plans
that will result in repeatable, sustainable resolution to control
gaps/deficiencies.
- Evaluate existing processes and control points for potential
process improvement and increased maturity.
- Perform walk-thru of multi-platform level controls that have
been remediated or updated as a result of previously identified
deficiencies.
- Perform other tasks as necessary to ensure IT Audit and
Compliance meets its commitments to customers.
- Demonstrates advanced knowledge and technical competence
- Senior Compliance Specialist exercises independent judgment and
discretion in matters of significance with broad scope and high
complexity
- Independently sets priorities and work schedules.
Manager/supervisor performs QA on work.
- Independently drive work efforts to resolution with minimum
manager/supervisor involvement Top Things/Task:Mentor EMS (Energy
Management System) integration team to understand NERC CIP
standards and apply for projects including:
- CIP-002-5.1a, R1 (BES Cyber System Categorization)
- CIP-004-6, R1 (Cyber Security - Personnel & Training)
- CIP-005-6, R1-R2 (Cyber Security - Electronic Security
Perimeter)
- CIP-007-6, R2 (Cyber Security - System Security
Management)
- CIP-010-3, R3-R4 (Cyber Security - Configuration Change
Management & Vulnerability Assessments) Job Requirements:Minimum
Qualifications:
- BA/BS in Computer Science, Business, or equivalent experience;
typically requires 5 - 7 years of IT experience and 3 - 5 years of
IT security or IT risk management experience
- CIA, CISA, or CISSP certification required
- Advanced understanding of network and systems security, system
and network configuration, and application security
- Extensive knowledge of key systems and processes
- Advanced understanding of general computing controls
(GCCs)
- Able to identify moderate to complex control gaps and the
related business risk.
- Working knowledge of generally applicable and accepted auditing
standards and frameworks (e.g. COBIT) and best practices for IT
services management (e.g., ITIL), government guidelines and laws
(e.g. Sarbanes Oxley Act, NERC/CIP). Note:
- Local Candidates only as this is an Onsite role.
- The client's laptop will be provided
Keywords: Global Technical Talent, Vacaville , Senior Compliance Specialist, Other , Vacaville, California
Didn't find what you're looking for? Search again!
Loading more jobs...