Security Compliance Analyst Job Description

A security compliance analyst provides subject matter expertise related to NIST 800-53, ISO 27001, PCI DSS, SOC 2 or HIPAA.

Security Compliance Analyst Duties & Responsibilities

To write an effective security compliance analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included security compliance analyst job description templates that you can modify and use.

Sample responsibilities for this position include:

Plan, execute and lead security audits across an organization related to SOX, PCI, HIPAA and other compliance initiatives
Highlighting shortcomings in the operation of platform security and compliance processes ensuring they are appropriately addressed
Coordinate efforts for internal and external audits
Using existing firm policies and standards, and applicable industry regulations to plan, maintain, and operate compliance activities
Develops, reviews, prepares and analyzes compliance and assessment documents
Conduct periodic reviews/audits of systems to ensure adherence to current procedures and policies by all areas within the firm
Work with business units and IT support staff to design remediation where deficiencies are identified
Perform vulnerability assessments and develop related mitigation strategies
Work with outside consultants as appropriate for independent security audits and/or testing
Responsible for coordinating and managing the annual Sarbanes-Oxley and SSAE 16 audits for the IT organization

Security Compliance Analyst Qualifications

Qualifications for a job description may include education, certification, and experience.

Licensing or Certifications for Security Compliance Analyst

List any licenses or certifications required by the position: CISSP, CISA, CISM, ISO, CRISC, ITIL, PCI, CGFM, CPA, CIA

Education for Security Compliance Analyst

Typically a job would require a certain level of education.

Employers hiring for the security compliance analyst job most commonly prefer candidates with a relevant degree, such as Bachelor's and Master's degrees in Computer Science, Information Technology, Business, Education, Information Security, Information Systems, Engineering, Technical, Management Information Systems, Technology.

Skills for Security Compliance Analyst

Desired skills for security compliance analyst include:

800-37
800-53A
Experience with NIST SP 800-53
ISO
PCI
NIST
Encryption technologies
Firewalls
Changing technologies implemented
Encryption

Desired experience for security compliance analyst includes:

Preferred 2+ years’ experience in Information Security or Information Technology field
A four-year college degree is preferable, but significant experience in a complex learning environment can be substituted
This position is very technical
Proficiency in multiple programming languages, operating systems, system services, communications protocols, and network configuration is required (e.g., server platforms, CL, RPG, COBOL, Unix shell scripting, Perl, C, C++, Java, Visual Basic, product APIs, WIN NT, Linux, AIX, OS/400, Cisco routers and switches, Domino, MAC OS, relational databases, security products, network monitoring systems)
Understanding and knowledge of company policies, procedures, guidelines, and management practices is an on-going part of the job responsibilities
Timeliness and accuracy of work is essential

Security Compliance Analyst Examples

1

Job Description Example
Our growing company is hiring for a security compliance analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for security compliance analyst
  • Direct interface to the SOX and SSAE 16 audit team throughout entire audit lifecycle, representing the IT organization
  • Works directly with control owners to oversee the development, documentation and maintenance of the IT SOX and SSAE 16 control framework
  • Works directly with controls owners and internal teams to formulate remediation plans for all identified findings
  • Be the single point of contact for all customer security RFI & communications
  • Assist auditors, consultants, customers and other third parties with information security questionnaires, audits, reviews, investigations
  • Provide technical auditing duties as liaison between IT and Internal Auditing Department
  • Inspect and evaluate financial and information systems, management procedures and security controls
  • Develop and administer risk-focused exams for IT systems
  • Review or interview personnel to establish security risks and complications
  • Execute and properly document the audit process on a variety of computing environments and computer applications
Qualifications for security compliance analyst
  • This individual will have excellent written and oral communication skills, interpersonal skills including the ability to articulate to both technical and non-technical audiences
  • Leadership skills (May lead project teams)
  • Certified Information Systems Auditor (CISA) and/or Certified in Risk and Information Systems Control (CRISC) strongly preferred
  • Understanding of Cloud industry technologies and IaaS, PaaS, SaaS platforms preferred
  • You are passionate about Information Security and Compliance
  • You communicate clearly and transparently
2

Job Description Example
Our company is growing rapidly and is looking to fill the role of security compliance analyst. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for security compliance analyst
  • Lead Corporate IT compliance activities in partnership with Business Unit Compliance Teams including risk assessments, control testing, and issue remediation
  • Work with business teams and Governance Council to develop the organization's GRC capabilities within the RSA Archer application
  • Assists managers and team members to execute variety of IT compliance initiatives including policy implementation, training, monitoring and testing, risk assessments, remediation and reporting
  • Contributes to improve compliance procedures or processes
  • Perform Application Vulnerability Assessments using industry standard applications - IBM AppScan and Veracode
  • Deliver security and compliance consulting engagements
  • Support customer security and compliance audits
  • Provide support to answering customer security questionnaires
  • Support developing security and compliance trainings to internal Sales and Customer Success Groups
  • Updates and performs the necessary gap analysis
Qualifications for security compliance analyst
  • College degree (or equivalent work experience) in Information Assurance, Computer Science or Information Systems strongly preferred
  • Exceptional integrity is necessary
  • Serve as IT general controls subject matter expert and trusted advisor
  • Validate information security key controls to identify control risks, analyze root causes and trends in potential control weaknesses
  • Maintain awareness of external regulations for new or changed requirements within IT and identify industry standards for core IT processes
  • Partner and facilitate internal and external audits within IT, periodic assessments to address specific risks
3

Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of security compliance analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for security compliance analyst
  • Collecting artifacts / evidence which supports PCI compliance
  • Act as subject matter expert for business technology and business partners for PCI-related matters
  • Designs and enhances internal controls such as segregation of duties, production change management, software management, security, incident handling, and transmission integrity
  • Conducts audit/compliance assessments to ensure ongoing evaluation and validation of IT control effectiveness
  • SAP Security Administration Functional & Technical Expertise
  • SAP GRC Functional Expertise
  • Support project deployments that impact/affect SAP security and user/role governance
  • Serving as point person for implementing SAP security architecture across various projects
  • Analyzing business requirements and implementing SAP security technical requirements
  • Recommending and developing security measures to protect information against unauthorized modification or loss
Qualifications for security compliance analyst
  • In depth knowledge of information assurance requirements as outlined within the NISPOM, NISPOM Supplement, DoD Overprint, Director of Central Intelligence Directives (DCIDs or ICD equivalents) 6/3
  • Ability to work with various/complex stakeholder groups & functions, senior level management
  • Minimum of 8 years' experience including 3 years' experience with cyber security, regulatory, or auditing activities
  • Broad knowledge of information privacy and security laws, access, release of information and release control technologies
  • Working knowledge of IT Security concepts related to securing data and communications such as
  • Demonstrated effective ability to work with executive and medical staffs, administration, department heads and other KPNW staff, external contacts
4

Job Description Example
Our growing company is searching for experienced candidates for the position of security compliance analyst. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for security compliance analyst
  • Assist in design and implementation of remediation solutions that will effectively remediate issues in the short term and strategically for the long term
  • Participate in review of security policies and associated procedures
  • Host scheduled internal and standards-based audits
  • Develop control mapping mechanisms ensuring up to date expectations are being met
  • Support members of the Information Security Risk and Cyber Security teams as necessary
  • Works under general supervision. Re-certification for HR systems
  • Act as liaison between HR Compliance and Security organization and HR business areas
  • Serve as focal point in providing guidance on compliance for new HR system integration
  • Interact with HRIS development and implementation team to develop and document processes in preparation for implementation into operational use within HR
  • Provide metrics on incident resolution and propose solution for improvement where applicable
Qualifications for security compliance analyst
  • Demonstrated success in implementing policies and new programs
  • Information technology management professional demonstrated competency certifications, especially professional information security certifications (CISSP, GIAC, CISA, CISM)
  • Knowledge and working understanding of core security controls and systems such as
  • Risk analysis quantification
  • Points of escalation
  • Requires the ability to perform physical tasks as-needed to complete special projects within a datacenter environment, such as access control and CCTV system installation
5

Job Description Example
Our growing company is searching for experienced candidates for the position of security compliance analyst. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for security compliance analyst
  • Provide assistance in running pre-audit reports and distributing that data to all required parties across the Enterprise
  • Assist the Risk Management Team in the IT audit comments - follow-up process
  • Assist the Risk Management Team in discovering ownership for IT assets associated with OS/Application vulnerabilities
  • Perform risk assessment activities for Deere units across the enterprise
  • Perform root cause analysis of assessment findings to drive process improvements
  • Review existing processes for opportunities for continuous improvement
  • Provide security consulting to IT and the business partners
  • Develops, enhances and implements enterprise-wide security policies, procedures and standards
  • Monitors compliance with security policies, standards, guidelines and procedures
  • Ensures security compliance with legal and regulatory standards
Qualifications for security compliance analyst
  • Current certification with a major security systems manufacturer
  • Understanding of disaster recovery and system criticality
  • Experience working independently to conduct technical investigations with diverse constituents, providing detailed written reports and presentations in a higher education, research, or healthcare environment
  • Highly advanced skills in PC/Macintosh/Unix workstation, Internet software skills, groupware, office productivity software, project management software, and architecture tools
  • 2 to 4 years' experience within a Global On-demand environment with a focus on security and compliance
  • Software industry, knowledge of various security certifications
