Optomi, in partnership with a leading provider in the retail industry, is seeking an IT Compliance Analyst to join their team!
Responsibilities:
- Provide PCI DSS, SOX, project and governance expertise and consulting to the IT organization, ensuring compliance with PCI and SOX information technology internal controls
- Utilize data analysis to develop a more proactive and anticipatory approach to IT risk management
- Identify KPIs and metrics, prepare and present reports/dashboards to management
- Ensure controls are accurately documented and maintained and action plans are implemented to address control weaknesses within designated timelines
- Lead and maintain ongoing IT policy exception management process and identify key exception reporting metrics
- Proactively promote the IT risk assessment program to evaluate IT compliance and operational risks, ensuring appropriate risk management strategies are defined and implemented
- Communicate IT governance and compliance objectives to ensure an appropriate compliance-aware culture
- Evaluate company requirements and define required policies, along with supporting standards and guidelines
- Initiate and manage the review of IT security controls, including application and infrastructure controls to ensure the company meets its governance and compliance requirements
- Drive efforts with IT teams to ensure appropriate procedures are defined and approved to support IT policies/standards/guidelines
- Coordinate with InfoSec Team and Training & Development Team to develop security awareness materials, working with appropriate teams, to ensure all company associates use strong IT security behavior
- Participate in periodic training and testing to demonstrate knowledge of security concepts
- Manage meetings effectively by setting agendas, maintaining focus and identifying action items
- Ensure that all functions and activities are performed in accordance with accepted IT department standards and procedures
- Manage workload, resolving and escalating issues as appropriate, to ensure high-quality deliverables
Skills/Experience:
- 2+ years of work experience in IT governance management, IT compliance, or IT audit
- 1-2 years of experience with IT policies, procedures, standards, and guidelines
- Corporate retail IT experience, preferred
- Formal knowledge of IT systems and processes, and systems development life cycle processes and policies
- Strong knowledge of IT industry standards and best practices as they relate to IT governance areas such as COBIT, COSO, PCI-DSS, ITIL, ISO 27001
- 2-3 years of experience working with compliance initiatives related to Sarbanes-Oxley, HIPAA, and PCI-DSS preferred
- Ability to define and execute upon governance work programs
- Ability to lead or work on projects of all sizes and complexity
- Ability to facilitate group work sessions and drive team consensus
- Ability to work well under pressure while consistently meeting time-sensitive deadlines
- Strong interpersonal, written and verbal communication skills to interface effectively with individuals at various levels
- Ability to work well independently, as well as effectively contribute to a team environment
- Analytical with strong problem-solving abilities and creative resolution skills
- Ability to prioritize workload and meet multiple deadlines simultaneously in a fast-paced, frequently changing environment
- Strong Microsoft Office program experience, including Project, Visio, Excel, & Word
- Bachelor’s degree in Computer Science, Management Information Systems, Accounting, Business Administration or relevant field of study required