Title: Info Security GRC Sr. Advisor (GRC801)
Quest
PA
2 days ago

Overview

  • Ensure compliance with industry regulations and working with independent, external auditors to demonstrate such compliance to achieve certification of compliance
  • Stay abreast of industry requirements for certifications relevant to Quest business
  • Maintain in-depth knowledge of certifications and controls such as ISO2700X, PCI-DSS, SOC1 and SOC2
  • Collaborate with legal to maintain and improve our privacy compliance program
  • Develop control definitions and pass criteria for compliance
  • Interview internal resources and review process documentation to assess compliance with established controls and identify gaps
  • Work with other teams to identify solutions for compliance gaps
  • Track compliance gaps and ensure work to remediate gaps meets deadlines
  • Conduct periodic reviews of security and privacy policies and procedures
  • Conduct periodic reviews of vendors’ certifications and compliance
  • Organize and present audit documents for review with external auditors
  • Conduct internal audits to identify risks and manage risk-tracking efforts
  • Create and deliver training to employees on compliance topics
  • Define and monitor metrics on compliance progress
  • Drive innovation to improve compliance effectiveness and efficiency
  • Prepare customer-facing materials on compliance efforts
  • Meet with customers to resolve concerns related to privacy, security, and compliance
  • Manage the completion of customer security questionnaires
  • Respond to customer inquiries on compliance related matters

Responsibilities

  • Previous experience as a compliance analyst in a related field
  • Experience with certifications, standards, and regulations such as ISO2700X, PCI-DSS, SOC1, SOC2, CCPA, and GDPR
  • Experience with information security principles / practices
  • Experience with privacy principles / practices
  • Some experience with software development practices
  • Passionate about security, privacy, and compliance
  • Self-motivated, quick learner, fast researcher
  • Excellent written and verbal communication skills

Qualifications

  • Bachelor’s degree in a related field or related work experience
  • Knowledge of industry cloud technologies
  • 7+ years work experience within the software industry with practical experience working in compliance
  • Education or Certification in Information Systems, Management Information Systems or Computer Science or related field at a minimum is required.
  • Professional Certifications such as CIPP (Certified Information Privacy Professional), CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information System Auditor), CISSP (Certified Information Security Professional) or CISM (Certified Information Systems Manager) are strongly preferred.