HamptonRecruiter Since 2001
the smart solution for Hampton jobs

Compliance Principal Analyst

Company: Faneuil
Location: Hampton
Posted on: November 22, 2022

Job Description:

The Compliance Principal Analyst reports to the Director of Information Security Compliance. The Compliance Principal Analyst is responsible for implementing, testing and evaluating MARS-e Security Controls on applicable systems to provide internal governance, primarily to achieve attestation.

The role will play an active part in performing internal assessments and recommending solutions to remediate issues related to MARS-e compliance. The role will also act as a liaison and manage interactions with external auditors.

Primary Responsibilities:

* Implement/Test/Evaluate MARS-e Security Controls on applicable systems
* Maintain a System Security Plan on applicable systems
* Meet with MHBE weekly to discuss information security related activities
* Provide Information Security reports to the CISO and management containing a summary of vulnerability scans, security log review results, POA&M efforts and any other relevant security event as deemed necessary
* Provide continuous monitoring per the system security plan
* Assess 1/3 of the applicable security controls according to MARS-e standards every year
* Assist with documenting the System Security Plan
* Maintain a Plan of Action and Milestones (POA&M) consistent with MARS-e, documenting all deficiencies
* Assist with Information Security investigations and incidents related to call center activity
* Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise

Secondary Responsibilities Could Include:

* Support the completion of compliance programs in addition to MARS-e, such as NIST 800-53, HITRUST, PCI Data Security Standard (PCI-DSS) Report on Compliance, SSAE 18 SOC 1 Type II and SOC 2 Type II compliance efforts
* Obtain and review evidence of compliance for adherence to standards
* Collaborate with other Compliance Analysts to identify overlaps with complementary compliance frameworks
* Work closely with cross-functional teams and develop strong relationships as an integral member of Information Security Compliance

Minimum Job Requirements:

* 4 years' experience implementing and maintaining NIST 800-53 or MARS-e Security controls
* 4 years' experience managing POA&Ms and performing security assessments
* Strong writing, communication, and organization skills
* A Bachelor's degree in Information Systems, Computer Science, Information Security or related field required, with understanding and experience with industry and regulatory standards

Highly Desired Skills / Attributes:

* Current CISSP, CISA, CISM certification or other certification(s) relevant to information security or strong desire and ability to obtain shortly after joining
* Multiple years of experience in IT Security, Corporate Risk Governance, or as an internal/external IT auditor or an internal security or risk assessment professional

Keywords: Faneuil, Hampton, Compliance Principal Analyst, Professions, Hampton, Virginia
