Job Description

STRATEGIC STAFFING SOLUTIONS HAS AN OPENING!

This is a Contract Opportunity with our company that MUST be worked on a W2 Only. No C2C eligibility for this position. Visa Sponsorship is Available! The details are below.

“Beware of scams. S3 never asks for money during its onboarding process.”

Title: IT Risk & Compliance Analyst
Contract Length: 6+ months
Location: Tampa, FL
On Site Work (5 days onsite/ 8am-5pm w/option 1 day remove after training.)

Job ref# 240435

**Expected to obtain Information Technology Infrastructure Library (ITIL) Certification within 6 months of employment in this position.**

Requirements:

• 3+ years of IT security, IT audit or other controls experience
• Identifying control gaps, drafting remediation plans, ushering
  remediation aspects through
• Assurance experience: audit compliance, risk assessments, vulnerability assessments, and compliance assessments
• ServiceNow, vulnerability scanning, firewall and firewall policy testing, SIEM tools, GRC tools, patching tools

Desired Qualifications:

• CISA or CRISC Certifications
• Experience with SOX and PCI controls
• Experience with the following: Splunk, Tenable, CyberArk

Duties:

• Assurance and Information Management: Ensures that quality methods and procedures are executed by the IT department to stay in compliance with regulatory requirements, Sarbanes-Oxley (SOX), PCI, contractual requirement
• Support collection, review and approval of compliance evidence, including accessing network monitoring tools and security tools to gather evidence during assurance activities.
• Administers the IT Compliance Management Systems and Governance, Risk, and Compliance (GRC) tool(s). Collect and sample evidence to support demonstration of compliance. Escalates out of compliance items to senior management.
• Participate in the implementation of technology-based tools (e.g.
  GRC) to support IT risk initiatives. Additionally, analyst adheres to
  company confidentiality and security requirements.
• Documents non-compliance issues, provides recommendations and Shepards remediation actions to ensure in their resolution.
• Performs quality audits across various IT&T functions to ensure quality standards, procedures, and methodologies are being followed. Monitors and reports on exceptions, risks and exposures to IT senior management.
• Conducting fact-based assessments of new and existing systems and technologies, Assessing the effectiveness of regulatory compliance controls. Providing subject matter expertise to help internal stakeholders manage risk and controls