The Compliance and Security Analyst serves as an IT and security compliance resource for the organization. The Compliance and Security Analyst supports compliance initiatives pertaining to information security and IT. The Compliance and Security Analyst will serve as a consultant and assist with monitoring the control efficacy of the distributed control owners. This role assists other team members where possible.
PRIMARY DUTIES AND ACCOUNTABILITIES
Assists with efforts to ensure continuous IT compliance with SOX, PCI DSS and other external and internal compliance requirements
- Support educating control owners on compliance
- Assist with performing ongoing compliance testing, to include documenting results and initial evidence assessment for appropriateness and completeness.
- Aid control owners to identify and remediate non-compliant processes and configurations
- Helps enforce policies, standards, and procedures that help ensure the confidentiality, integrity, and availability of Company owned assets, incorporating a regulatory perspective as appropriate
Administers the organization's internal and external security awareness program.
- Training: tracking completions, contributing to needs analysis, content design, development, and training delivery
- Other educational/awareness campaign activities as needed
- Performs other compliance- or security-related activities as necessary
SKILLS, EDUCATIONAL BACKGROUND AND EXPERIENCE
- Bachelor's degree (BS, BA) from a four-year college or university, or 1 to 2 years related experience/training; or equivalent combination of education and experience
- Previous experience participating in external audits or assessments and/or experience evaluating an organization's compliance with PCI-DSS
- Previous experience with PCI-DSS control requirements
- Previous experience evaluating an organization's compliance with SOX preferred
- Previous experience with SOX control requirements preferred
- Previous experience supporting concurrent projects
- Excellent verbal, written and listening communication skills, working with both technical and non-technical staff
- Excellent analytical reasoning skills to include storage, retrieval, matching and execution skills
- Strong time management, organizational, and project management skills
- Strong presentation and facilitation skills
- Proficient in Microsoft Office applications such as Excel, Word, PowerPoint and Outlook
- Proficient in Microsoft Access
- Able to apply high level critical thinking skills to understand and solve complex problems having multiple complex variables
- Able to work both independently as well as collaboratively achieving results within established timeframes
- Able to support multiple projects simultaneously, work in high-pressure situations and/or for extended hours
- Ability to travel domestically and internationally (<5%)
- Able to uphold Choice's Values & Performance Principles of collaboration, performance excellence, sense of urgency, openness to new ideas, inclusion & diversity, integrity, customer focus, and respect.
- Desire to obtain security and privacy certifications (e.g., CISSP, CISA)
- Previous experience administering a security awareness program
Provided by: Anit.Arora@choicehotels.com
Choice Hotels is an equal opportunity employer committed to hiring a diverse workforce.