Security Compliance Specialist Job Description
Security compliance specialist
provides technical guidance and security expertise in the areas of secure application development, security architecture risk management and assessment, security policies and standards, security architectures and implementations.
Security Compliance Specialist Duties & Responsibilities
To write an effective security compliance specialist job description, begin by listing detailed duties, responsibilities and expectations. We have included security compliance specialist job description templates that you can modify and use.
Sample responsibilities for this position include:
Ensure compliance of business continuity management policies and process in accordance with local regulatory requirements
Develop and roll out business continuity and IT disaster recovery plan for the business
Act as contact point with stakeholders for emergency planning and tests, and ensure effective and efficient resolution of business interruptions
Determine security surveillance systems installation for all critical facilities
Develop a physical security framework in accordance to organization's policy and regulatory requirements
Maintain knowledge of latest industry trends and regulations related to business continuity management and physical security
Audit or review audits of role assignments at pre-determined intervals
Serve as the SME for the Function on Data Privacy legislation and requirements
Work with the HR IT organization to ensure system security designs meet necessary standards
Work with Legal and Corporate Compliance to establish and support the go-forward process for validating WTW Employees and Contractors against Government Exclusion Databases (OIG, SAM, ) as required
Security Compliance Specialist Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Compliance Specialist
List any licenses or certifications required by the position: CISSP, CISM, CISA, CCSP, ISO, SAP, CRISC, PMP, QSA, ISA
Education for Security Compliance Specialist
Typically a job would require a certain level of education.
Employers hiring for the security compliance specialist job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Associate Degree in Computer Science, Information Technology, Education, Information Security, Management, Engineering, Business, Technical, Information Systems, Computer Studies
Skills for Security Compliance Specialist
Desired skills for security compliance specialist include:
Business Continuity & Quality Management
Application security
HIPAA
Audit and Risk Management
Bank’s Policies and Procedures in relation to IS
Common Certification Standards for IT Security
Cryptography
Development process and security process
FERPA
FedRAMP
Desired experience for security compliance specialist includes:
Minimum two (2) years of experience with PCI DSS v2.0/3.0
Minimum two (2) years of experience writing and interpreting information security policies and standards
One (1) year of Unix and Windows system administration preferred
Must have 7+ years of work experience in Information Security, Audit, Risk, and/or Compliance
Moderate knowledge of network architecture concepts including topology, protocols, and components
4-5 years experience in business continuity management and physical security, ideally in banking sector
Security Compliance Specialist Examples
1
Security Compliance Specialist Job Description
Job Description Example
Our growing company is looking for a security compliance specialist. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for security compliance specialist
- Interfaces with different technology teams business units to share the security strategy to achieve higher levels of enterprise security through information sharing and cooperation
- Interfaces with cross-functional teams (technology, business units, Compliance, Legal, Risk, ) to share the security strategy to achieve higher levels of enterprise security through information sharing and cooperation
- Updating the central ASCA tracker which includes all applications in scope
- Work with a variety of cross-functional teams to ensure compliance with laws, regulations and policies
- Understanding of Windows and Linus environments, preferably within a large distributed business
- Ability to conduct evidence collection using network and physical collection protocols, experience in infrastructure log analysis and correlation and ability to explain complex technical concepts to a non-technical audience will see you secure this rewarding role
- Execute Information Assurance Vulnerability Management (IAVM) programs
- Key member of project team responsible for performing cyber security assessments to support client cyber security programs
- Validate hardware configuration and software configurations via physical or logical walk-downs
- Document findings in accordance with client procedures
Qualifications for security compliance specialist
- Formal training and/or experience in risk management and computer system validation space highly desired
- Experience in development and/or support of large-scale computer systems in the Pharmaceutical or Healthcare industry
- Specific experience in a regulated environment with mastery knowledge of the core principles and practices of Regulatory Compliance (SOX, GxP, 21 CFR part 11, Infrastructure qualification, application validation)
- Thorough understanding of computer infrastructure and operations, including cloud based solutions
- Ability to work independently, manages multiple priorities, and work in an unstructured environment
- Strategic thinking, leadership and relationship management with a demonstrated ability to operate at senior/executive levels of a large international corporation
2
Security Compliance Specialist Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of security compliance specialist. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for security compliance specialist
- Assist in performing CDA assessments per NEI 08-09 App
- Assist in evaluation of technical, operational and management controls for Critical Digital Assets
- Identify and recommend options for remediation of identified vulnerabilities, including the development of alternate controls
- Support Audit Readiness lead during external and internal Audit Activities
- Ability to successfully collaborate with AESIP FCD, GCSS-Army PMO and LSI on in support of all Audit Readiness requirement
- Ability to run SAP Security/SUIM reports to obtain information for audit inquiries and reviews
- Ability to generate, review, and follow up on exceptions for SAP Firefighter Access or elevated system access privileges
- Ability to use SAP system to research Firefighter history usage to gain information about individual activities
- Familiarity with SAP tables and queries to generate users data for role reaffirmation efforts
- Ability to effectively use all technology to document annual role reaffirmation efforts
Qualifications for security compliance specialist
- A minimum of 4 years in the Information Security field with IT audit experience and/or compliance experience a plus, preferably with a large financial institution or Big 4 firm
- Must have demonstrated knowledge of IT General Computer Controls, including Information Security, Information System Operations, Vendor Management, Business Continuity, Networks, Database, System Software, Hardware, and Application Development controls
- Strong analytical skills to analyze laws, regulations and translating the security requirements into appropriate security programs, projects, controls, and training
- Demonstrated excellent oral and written communication skills for interaction with all levels of management and staff including the ability to communicate regulatory requirements, security objectives, policies, and standards in business terms
- Strong team player with the ability to communicate effectively within cross-functional groups and perform peer reviews of work products
- Excellent organizational skills and critical attention to detail and deadlines with the ability to handle multiple projects simultaneously
3
Security Compliance Specialist Job Description
Job Description Example
Our growing company is searching for experienced candidates for the position of security compliance specialist. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for security compliance specialist
- Ability to review SOD and CA reports for exceptions and to make recommendations to remediate SOD conflicts
- Solid understanding of SAP Security and User ID provisioning procedures Understand of authentication concepts
- Provide tactical and strategic GRC support to Audit Readiness remediation efforts for project systems including SAP ECC, Portal, PI, BI, Store & Forward, CUA, GRC, Netweaver Gateway, and CE
- Ability to diagnose SAP access and authorization issues and provide corrective recommendations
- Understanding of authentication concepts and regulatory compliance
- Requires a range of SAP technical, landscape and authorization knowledge
- Understand where to obtain various sources of audit information within an SAP environment
- Conduct SAP Role Reaffirmation process and other technical assessments to support customer requirements
- Manage, support and coordinate privileged access request process
- Provide governance monitoring of privileged access review
Qualifications for security compliance specialist
- Foundational knowledge in process flow diagrams, including the ability to dissect business processes to identify risks and controls
- Minimum four-year Computer Science degree, Business degree or equivalent combination of education and experience required
- Strong understanding of IT compliance frameworks (ISO 27001, CoBIT, ITIL)
- A minimum of 5 years’ experience working within the technical arena with 3 plus years of information security work experience
- Strong technical background in Tech Infrastructure and data paths
- Experience with the ISO 27001 and NIST security frameworks
4
Security Compliance Specialist Job Description
Job Description Example
Our growing company is hiring for a security compliance specialist. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for security compliance specialist
- Able to accomplish deliverables involving complex and highly analytical tasks
- Able to create detailed procedures for SAP Security and Compliance activities
- Provide technical assistance in training all levels of SAP users, including translation of ERP system technical literature in terms understandable to end users
- Ensure that Nestlé IT Standards are implemented in the Swiss Market and propose action plans & improvements to Business Units
- Provide and maintain the evidences database(s) during self-assessments and audits
- Maintain the Swiss Market compliance reporting
- Coordinate Information Security Program in accordance with business requirements & Nestlé guidance
- Implement & provide Information Security trainings to all employees of the Swiss Market
- Ensure appropriate level of awareness in the Suisse Market
- Build professional and effective working relationships with business process owners and management to promote information protection and best practices in their areas
Qualifications for security compliance specialist
- Minimum 2 years’ experience in a Financial Services or Regulated environment
- Technical writing experience must include policies, procedures and guidelines
- Experience in a banking or financial services organization
- CISA, CRISC, CISM, CGEIT, ISO 27001 or related audit and compliance certification and/or training preferred
- Professional information technology certifications (CISA, CISSP, etc) and, or advanced degree (MS, MBA, ) is required for career growth
- Mid-Level with minimum 3-5 years of experience in Information Security industry, preferably with experience in policy, compliance and risk
5
Security Compliance Specialist Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of security compliance specialist. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for security compliance specialist
- Oversee the development of associated security and PCI compliance documentation
- Manage relationships with external auditors to explain Abbott’s security architecture
- Audit, assess, and aid remediation of all compliance-related procedural, policy, and technical issues
- Prepare meaningful and actionable reports to customers, providing thorough recommendations
- Participate in security planning and analyst activities
- Act as point of contact for project reporting and updates
- Collaborate with IT teams to ensure security is incorporated in projects
- Performs IT security audits related to security best practices such as user access control, separation of duties and system hardening
- Provides technical auditing duties as liaison between the IT department and internal and external auditing teams
- Perform regular assessments of user access to systems
Qualifications for security compliance specialist
- Minimum two (2) years of experience with PCI DSS preferred
- Minimum two (2) years of experience with Data Privacy related works preferred
- Experience with Security Incident Response is preferred
- Experience with Security Risk Management is preferred
- Understanding of network protocols and architecture (TCP/IP, ATM, WAN, Bridges, ) is required
- Conceptualization and design education, training and awareness programs (including but not limited to newsletters, alerts, online Healthstream training, phishing programs)