Hard Rock International

Information Security Compliance Analyst

Job ID: 2017-3456
# of Openings: 1
Job Locations: US-FL-HOLLYWOOD
Department: Information Technology

Overview

The Information Security Compliance Analyst will be a team player and a self-motivated individual who will play an important role in ensuring compliance programs and Information Security policy deliverables are met.  This position will work closely with various business partners as a subject matter expert to facilitate the completion of risk assessments and targeted compliance risk assessments. As an IT audit point of contact, the incumbent will coordinate audit processes and be the liaison for all IT audit requests. Utilizing excellent written and verbal communication skills, the incumbent will be responsible for the effective and timely communication of issue/audit statuses to stakeholders as well as articulating any deficiencies to key management personnel.  This position is also responsible for coordination of remediation activities through tracking and verification.

Responsibilities

Primary Responsibilities:

  • Participate in planning activities for information technology, operational and compliance audits across the enterprise, and assist with the coordination between IT and internal/external audit participants by acting as the liaison.
  • Coordinate with independent auditors in executing audit procedures for the organization: close out and finalize audits/projects, identify and assess issues, review supporting documentation, and coordinate remediation activities.
  • Responsible for providing guidance and support for business units during applicable audits.
  • Creates and interprets information security policies and assists with their implementation and enforcement.
  • Participate in the implementation of the security awareness program.
  • Promotes information security awareness and monitors compliance with enterprise information security policies.
  • Effectively communicate with customers, supervisors, and subject matter experts to deliver on requests and tasks in a timely manner, and to ensure clarity on project status, deadlines, and deliverables throughout the project lifecycle.  
  • Work with various business partners to facilitate the completion of risk assessments and targeted compliance risk assessments.
  • Assist in the assessment and review of new vendors and/or new and existing technology to ensure adequate levels of control are in place to maintain compliance with security requirements.
  • Monitor status of user security access reviews as well as handle the coordination of POS terminal inventory reviews across all locations.
  • Assist risk owners with identification of key risks and mitigating controls as well as action plans to address any gaps in the mitigating measures identified.
  • Monitor status and compliance with Payment Card Industry (PCI) standards.
  • Performs other security team duties as assigned or requested.
  • Bachelor’s degree with emphasis in related field or equivalent work experience.
  • 5+ years of Security and IT Risk experience with regulatory, internal audit and/or compliance testing, including the development of remediation activities or steps.
  • An equivalent combination of education and/or experience may be substituted for the above requirements.
  • Experience with development of General Controls and/or IT Compliance related standards.
  • Working knowledge of and exposure to IT Governance, Risk Management, and Compliance practices.
  • Working knowledge and understanding of ISO framework.
  • Experience with the audit process involving relevant regulatory requirements specific to General Data Privacy Regulation (GDPR), Sarbanes-Oxley (SOX), Payment Card Industry/Data Security Standard (PCI-DSS) and Privacy Shield.
  • Cybersecurity/IT risk assurance expertise.
  • Experience with information security tools and utilities.
  • Strong written and oral communication, analytical and problem-solving skills.

Qualifications

Skills:

  • Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus.
  • Clear ability to build strong relationships and establish trust with stakeholders at all levels.
  • Excellent verbal and written communication skills.
  • Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner.
  • Ability to solve complex problems in a timely manner by working with multiple stakeholders.
  • Ability to manage multiple tasks and work streams effectively.
  • Ability to follow detailed procedures and processes with a high degree of accuracy.
  • Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product.
  • Experience managing projects through the full system development lifecycle.
  • Multiple language abilities preferred – fluency in English (written and spoken) required.
  • Flexibility to travel as required, up to 25% overnight travel.

Preferred:

  • At least one industry standard certification such as Certified Information System Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Privacy Professional (CIPP) or other audit certifications.
  • Gaming system and/or POS experience.