San Francisco Metro Area,
Post Date: 03/21/2018
Job ID: JN -032018-3618
Our fast growing technology client is looking for a Security Operations Compliance Analyst in its San Francisco/Bay Area location to join a team responsible for understanding and supporting organizational, procedural and technological security controls within the context of the global regulatory frameworks.
- Understand technical implementation details in order to assess and recommend security control improvements or identify mitigating controls
- Participate in the development and oversight of required corrective action plans relating to security compliance issues
- Support business relationships with the internal and external security auditors and regulators
- Identify, research and evaluate new compliance requirements and ensure they are incorporated into the security policy framework
- Help demonstrate commitment to security to external stakeholders
- Support the communication of policies, procedures, and plans to internal stakeholders regarding security and compliance best practices around applicable laws, regulations and controls
- Support the identification, validation and remediation of information technology controls required by ISO 27001, Payment Cardholder Information Data Security Standards (PCI DSS), SOC2 and SOC3 trust principles, HIPAA, FedRAMP, and other applicable regulatory compliance frameworks
- Prepare and complete annual risk assessments and assist with regulatory and accreditation audit preparation as needed
- Experience in 2 or more data security frameworks and regulatory standards including: PCI, SSAE16-SOC2, ISO27001/2, HIPAA and FedRAMP
- 3+ years minimum experience of compliance/audit experience in either consulting or enterprise security department
- Solid knowledge and experience of security controls across all security domains such as access management, encryption methods, vulnerability management, network security, etc.
- Excellent communication skills, both written and verbal are a must
- Results driven, detail obsessed
Having been in business since 2006, Vivo is a full-service recruiting and consulting company, specializing in mid to senior level technology resources. Our brand promise is simple: we get people. We get that our clients don t want to waste time, and that our candidates and employees thrive when given honest feedback and an opportunity to grow.