Security Risk And Compliance Consultant

We are looking for

• Conduct SOX audit on the Local account process including performing a Test of design (TOD) and Test of operating effectiveness (TOE).
• Perform Monthly JCT and terminations check and Remediation for select application population, which includes comparing three indicators of a job change event or terminations that occurred during the prior two weeks.
• Drive weekly operational review with the IAM leader to review trends, escalations, and exception requests.
• Document any account not meeting compliance which has been approved through means of mitigation or risk acceptance, including review of mitigating controls.
• Timely escalations on any deviation bottlenecks and address tasks with daily progress updates.
• Identify gaps in the Local account process (ex: scope) and own the process to communicate those gaps to relevant parties, and track remediation to closure.
• Research, recommend, and implement best practices in SOX compliance for continuous improvement of the Local Account.
• Maintain/Create process SOP, data flow diagram, and other program-specific documentation.
• Lead a small / Medial size team and ensure zero delivery issues.
• Perform detailed analysis and review to support defined requirements, including tests of control design and effectiveness for applications, databases, and the general computing environment.
• Perform follow-up with Asset owners or control owners on identified issues/weaknesses.
• Act as a technical expert for the IT Risk & Compliance team.
• Provide detailed reporting as defined by the program/project lead.
• Support and lead data analysis activities and projects.
• Additional supporting tasks as directed by the program/project lead.
• Ability to work independently and prepare Dashboards and Reports.
• Experience working independently & as a team player.
• Good written and verbal communication.
• Good problem-solving skills.

• Good Working knowledge of Windows and Linux.
• Security, risk, and compliance: Review analyst responsible for performing regulatory compliance and control implementation on critical systems (global) including applications, operating systems (servers), and databases to meet standard frameworks like ISO / GDPR / SOX, etc.
• Review of business applications, tools, platforms, etc. at each in-scope layer is critical to ensure regulatory compliance.
• Identity and Access Management: Access Review analyst responsible for performing regulatory compliance and control implementation on critical systems (global) including applications, operating systems (servers), and databases.
• A review of individual user access at each in-scope layer is critical to ensure regulatory compliance.
• Perform detailed analysis and review to support defined requirements, including tests of control design and effectiveness for applications, databases, and the general computing environment.
• Good understanding of Agile methodology and implementation.