Information Security Compliance Job Description

Information Security Compliance Job Description

4.5
162 votes for Information Security Compliance
Information security compliance provides guidance and best practice recommendations for IT security policies, procedures, and standards that meet regulatory requirements including HIPAA and PCI.

Information Security Compliance Duties & Responsibilities

To write an effective information security compliance job description, begin by listing detailed duties, responsibilities and expectations. We have included information security compliance job description templates that you can modify and use.

Sample responsibilities for this position include:

Assists in activities to develop strategies to ensure compliance with security standards regulatory and audit issues
Oversee incident response planning the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches, as necessary
Evaluating new and emerging security products and technologies
Coordinating remediation efforts related to information security
Collaborates with Security Compliance leadership on building, maintaining and monitoring a complete Governance, Risk and Compliance program— engages with the overall Security Leadership team on Continuously Improving the Information Security Management System
Perform initial and periodic privacy risk assessments, and conduct related ongoing compliance monitoring in coordination with the Institute's information security compliance and operational assessment functions
Work with applicable units to develop a mechanism to track access to protected information within the purview of the organization and as required by law, and to allow qualified individuals to review or receive a report on such activity
Reviews system-related information security plans to provide for alignment with the Institute’s security and privacy practices
Engineer best architecture, tools, processes and standards to follow to reduce security risks
Provide engineering support for the entire set of security controls

Information Security Compliance Qualifications

Qualifications for a job description may include education, certification, and experience.

Licensing or Certifications for Information Security Compliance

List any licenses or certifications required by the position: CISSP, CISM, CISA, HITRUST, CRISC, PMP, ISO27001, ISO, HIPAA, CGEIT

Education for Information Security Compliance

Typically a job would require a certain level of education.

Employers hiring for the information security compliance job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Security, Education, Information Technology, Information Systems, Business, Technology, Management Information Systems, Engineering, Management

Skills for Information Security Compliance

Desired skills for information security compliance include:

NIST
PCI
HIPAA
Security standards
Encryption
General audit principles
Metrics collection and reporting
Procedures and policies pertaining to data access and information systems
Security administration processes and frameworks
Virtual private networks

Desired experience for information security compliance includes:

Solid understanding of information technology and information security including
Experience with information security internal & external audits and contract compliance
Undergraduate Degree in Management Information Systems, Information Security, Computer Science or related field
Strong communication skills and ability to easily translate technology requirements into business-friendly discussion
Experience performing audit/test procedures against control or policy requirements required
Experience with a large company and/or Big 4 accounting firm

Information Security Compliance Examples

1

Information Security Compliance Job Description

Job Description Example
Our growing company is searching for experienced candidates for the position of information security compliance. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for information security compliance
  • Focus on documenting and auditingsecurity controls on in-scope systems in context of ISO-27001 certification and NIST 800-53 security program
  • Assists VP, InfoSec Compliance facilitating external audits and providing direct assistance to internal teams in various types of engagements
  • Build and maintain relationships with IT and Business to ensure an understanding of technology strategies, infrastructure, and applications
  • Maintain team that can provide security and privacy consulting expertise at all layers of the technology stack
  • Drive change and innovation in the tools and processes used to perform our work
  • Build and deploy process in a governance, risk, and compliance system
  • Advise on best tools, processes, practices and standards to ensure effective and efficient assessment processes
  • Analyze workflows, staffing, and related metrics to improve efficiency and performance
  • Hire and coach team members with an emphasis on training, motivating, and retaining top employees to ensure a high performing team
  • Assure compliance with policies, standards and controls
Qualifications for information security compliance
  • CISA , CISSP, PMP,CRISC or other relevant designation required
  • Bachelor’s degree in and 5 years of experience in IT security or other related discipline or an equivalent combination of education and work experience
  • In-depth knowledge of security-related technologies, such as Cisco PIX firewall OS, Nokia Checkpoint firewall OS, TCP/IP, DNS, SATAN, CyberCop, ISS, nmap, IBM Secure Way, and/or Web Single Sign-On (SSO)
  • Proven ability to collaboratively plan, document, and deploy IT security operational best practices/processes
  • Deep understanding of security technologies and methods as they apply in an enterprise environment
  • Broad understanding of retail business processes, business applications, data flows, and requirements desired
2

Information Security Compliance Job Description

Job Description Example
Our company is looking for an information security compliance. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for information security compliance
  • Analyze, research, develop, compose, and/or edit compliance policy and procedure documents according to Turner's standards
  • Responsible for managing, monitoring, and coordinating information security policy exceptions and risk acceptance requests
  • Issue and track policy violations
  • Provide escalation and enforcement for unresolved noncompliance issues
  • Partner with the Information Security Training & Awareness team to create content and strategy for training and awareness initiatives
  • Partner with Legal to promote data retention schedules and guidelines
  • Partner with organization stakeholders and Information Security leads to ensure compliance on IT security policy / standards implementation
  • Work closely with IT leaders, technical experts, product managers and customer facing executives - provide compliance related consultancy and guidance while presenting an in-depth understanding of the IT environment, the challenges of the units, the research landscape and regulations
  • Possesses extensive discipline expertise in project management of complex technical programs
  • Serves as a lead resource for dealing with challenging technical issues and incidents
Qualifications for information security compliance
  • 6-8 years of information security experience and a strong knowledge of security standards
  • Experience implementing PCI standards
  • Hold a valid passport and able to travel periodically on business assignments
  • 3-5 years of experience in information technology in an area such as
  • Strong knowledge of risk management frameworks including
  • Of the following certifications is required
3

Information Security Compliance Job Description

Job Description Example
Our growing company is looking for an information security compliance. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for information security compliance
  • Provide centralized governance for all business unit leads
  • Champion RSA Archer platform and engineering effort, operations and onboarding additional modules
  • Build automation and integration with other products via multiple solutions such as API, Database
  • Drive a common technology model to ensure cross enterprise functionality
  • Evangelize security best practices and business unit security ownership across the organization
  • Partners with technology and business leaders to help drive the global information services strategy with a specific focus on global information security
  • Ensures system compliance with governmental requirements
  • Works collaboratively with technology outsourcing vendors to ensure delivery and compliance
  • Responsible for security architecture, systems integration, network design, compliance, auditing, penetration testing, risk evaluation and assessments, mobile device management, entrusion detecting, single sign-on management, risk, and fraud prevention
  • Creates and manages technology operational expense (OPEX) and capital expense (CAPEX) plans
Qualifications for information security compliance
  • BS in Computer Sciences, Engineering or Sciences
  • Senior level experience and understanding of relevant regulations, laws and policies across multiple IT compliance domains (SOX, GxP, Privacy, InfoSec, ) gained from career experience
  • Good Understanding of Risk and Compliance Marketplace
  • At least 4 years’ IT security working experience in a multinational company
  • Anti-malware system experience
  • ISO27001 projector experience preferred
4

Information Security Compliance Job Description

Job Description Example
Our company is growing rapidly and is hiring for an information security compliance. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for information security compliance
  • Coordinates with Tower Compliance SMEs to implement strategic IT controls
  • Reports to the Senior Vice President, Infrastructure Operations, and provides metrics on the state of operational functions of compliance activities
  • Escalates project work that arises from Compensating Controls found from audits
  • Develops effective line management relationships to ensure strong understanding of the business, and associated IT functions
  • Manages a team of Compliance Coordinators, who oversee the IT aspect of corporate audits and compliance activities
  • Organizes meetings with internal and external parties to accomplish project plans, goals, and deadlines, and modifies work plans and timelines as required
  • Develops communication and outreach materials to market project and program activities
  • Prepares project, status, and ad hoc reports to keep management abreast of project progress, problems, and solutions
  • Reviews project deliverables for accuracy, adherence with project scope, and quality standards
  • Assists senior staff in partnering to identify and prioritize opportunities for utilizing IT to achieve the goals of the enterprise
Qualifications for information security compliance
  • Familiar with IT infrastructure operations in the areas of Enterprise Server Administration (Windows), Network Design and Administration (WAN and LAN), Routers and Switches, Network Security like Firewall, Anti-malware System, Data Centre management and Desktop Systems
  • Good command in English and Chinese (Cantonese and Mandarin)
  • Knowledge of and experience in developing and implementing information security policies and processes, preferably with global experience
  • Good knowledge of an information security and privacy frameworks and compliance requirements for standards and regulations such as GLBA, ISO27001, and/or PCI
  • Must have sold enterprise wide 'operational' risk management & regulatory compliance 'services'
  • Need to have in-depth knowledge of Information Systems controls
5

Information Security Compliance Job Description

Job Description Example
Our company is growing rapidly and is looking to fill the role of information security compliance. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for information security compliance
  • Partner with business and technology teams to assess and develop appropriate security requirements
  • Knowledge of the CIS top 20 controls and how they apply to on premise and cloud environments
  • Conduct technical and business reviews for security flaws or vulnerabilities
  • Provide consistent and professional requirements to project teams
  • Ability to track and maintain multiple projects and deliverables
  • Report the levels of IT compliance risk and control effectiveness to key stakeholders such as IT-business unit management, senior management, legal management, internal/external auditors, and so on
  • Monitor remediation effort of IT compliance control deficiencies
  • Identify any gaps between the desired level of compliance and monitor the current level of maturity
  • Be an advocate to the Business relative to meeting compliance objects
  • Audit review (internal/external)
Qualifications for information security compliance
  • Experience managing PCI compliance programs as a QSA or ISA for a Level 1 Merchant
  • Proven experience in regulatory compliance, IT audit, Information Security, IT Operations
  • Proficiency working with recognized IT Security-related standards, technologies and countermeasures
  • Proficiency with industry frameworks such as ISO 27001/27002 and SOX ITGC's
  • Network Security & Forensics
  • System Hardening - Windows & Linux

Related Job Descriptions

Resume Builder

Create a Resume in Minutes with Professional Resume Templates