IT Compliance Analyst

Intratek Computer, Inc., an Irvine, California based company, was founded and incorporated in 1989 as a computer service, support, and networking firm to provide state-of-the-art customized information technology solutions for Federal, State and County agencies, as well as leading private commercial accounts. We have comprehensive experience providing IT support services, including hardware and software support, maintenance and repair, programming, professional staffing, networking, web design and development, and helpdesk implementation and management.

Intratek Computer, Inc. is looking for a IT Compliance Analyst to support us in Dallas, TX.

• IT Compliance Analyst
• Onsite
• Dallas, TX
• Pay rate depends on experience
• Medical benefits
• Paid vacation
• Paid holidays

GENERAL SUMMARY:

This position will report to the SR Information Security Manager (Governance, Risk, and Compliance) to lead and support compliance program initiatives focusing on ensuring ongoing compliance. This position requires strong compliance experience, strong technical expertise (including technology and data security), proactive problem-solving skills, and the ability to work in a fast-paced environment to ensure our systems and data meet internal and external regulatory requirements.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

1. Lead internal, vendor-managed, and cloud-hosted application access reviews to ensure access appropriateness.

2. Develop, maintain, and improve access review methodology.

3. Work with business units, control owners, and IT support staff to remediate access where deficiencies are identified.

4. Ensure compliance with the applicable Board policies and Standard Operating Procedures per periodic access reviews.

5. Identify manual security compliance controls that can be improved through automation and design and/or work with internal teams for said automation.

6. Recommend new security compliance metrics and automate reporting of existing metrics.

7. Actively review, test, analyze and report on the effectiveness and state of all required logical security controls.

8. Present data, metrics, and other findings to key internal stakeholders.

MINIMUM REQUIREMENTS:

• Bachelor s degree in computer science, Information Technology, or a related field, or equivalent work experience.
• A minimum of three (3) years of experience in information security compliance or information security-related fields.

REQUIRED KNOWLEDGE, SKILLS AND ABILITIES:

• Proficiency in Security Compliance and Regulatory Concepts, exemplified by a comprehensive understanding of relevant laws, regulations, and industry standards.
• Detail-oriented approach, especially in addressing audit findings, and implementing compensating control where appropriate.
• Proficient in conducting user access reviews and implementing and delivering effective mitigation strategies to ensure the safety and security of systems and operations.
• Familiarity with regulatory frameworks such as GDPR, HIPAA, PCI DSS, or ISO 27001.
• Meticulous attention to detail to ensure accurate and thorough analysis of security controls and compliance measures.
• In-depth understanding of governance, risk and compliance (GRC) in the realm of information security principles and best practices.
• Extensive knowledge of best practices and industry standards such as NIST SP 800-53, and the Center for Information Security (CIS) Benchmarks.
• Strong analytical and problem-solving abilities.
• Effective communication skills for technical and non-technical audiences.
• Adaptability to new technologies and changing security landscapes.
• Collaborative working with teams and cross-functional departments.
• Commitment to continuous learning in disaster recovery concepts.
• Excellent problem-solving and troubleshooting skills.

SPECIAL REQUIREMENTS

• Must obtain a Security Identification Display Area (SIDA) Identification/Access Badge (badge) in accordance with Department of Homeland Security Transportation Security Administration (TSA) requirements in Chapter 49 of the Code of Federal Regulations Part 1500 et al., client s Security Program within thirty (30) days from date of employment and maintain qualification for a SIDA badge upon each badge renewal.
• Must be fingerprinted and pass a national fingerprint-based background check to access Criminal Justice Information within thirty (30) days from date of employment.
• Must take Cyber awareness training within thirty (30) days from date of employment.
• Industry Experience: Experience in highly regulated industries like finance, healthcare, or government.

DESIRABLE

• Five plus (5+) years of proven experience in security compliance and assessments.
• Advanced Degrees: master s degree in Cybersecurity, Information Technology, or a related field.
• Industry Certifications: Advanced certifications like Certified Information System Security Specialist (CISSP), Certified Information Security Auditor (CISA), or Certified Information Security Manager (CISM).

EFFORTS

• Works in an office environment.
• Sits for extended periods of time.
• Uses near-visual acuity in reading written documents and statistical data.
• Uses keyboard devices and a computer monitor.
• Exchanges information by telephone, computer, in writing, and in person.
• Drives to locations on and off Client s property.

Equal Opportunity Employer:

Intratek Computer Inc. is an equal opportunity employer. "All qualified applicants will receive consideration for employment without regard to their race, religion, ancestry, national origin, sex, sexual orientation, age, disability, marital status, domestic partner status, or medical condition."

Veterans Preference:

Special preference will be given returning war veterans when hiring new employees in an attempt to recognize their service, sacrifice, and skills