Security & Compliance Analyst in Birmingham, AL at Vaco

Date Posted: 8/28/2019

Job Description

Required Activities:

  • Maintain ISO 27001:2013 and HIPAA compliance
  • Evaluate and understand the best practices around IT general/information security controls to ensure the confidentiality, integrity, and availability of our data and systems
  • Evaluate the effectiveness of existing controls and propose new controls and processes as appropriate
  • Perform Risk Assessments as they apply to internal controls compliance
  • Perform ongoing maintenance of policies and procedural documentation to ensure they adequately reflect the processes being followed while ensuring compliance with all relevant legal, regulatory, and contractual obligations
  • Document and report non-compliance issues
  • Document the process of the specific controls within the IT Department and how they relate to other business units
  • Work with all departments and vendors to provide compliance documentation and ensure completeness and accuracy of documentation
  • Assist with the execution of an information security training and awareness program for employees
  • Complete security assessments for prospective and current clients, and communicate with these parties as needed to assure them of the quality and appropriateness of the information security management system and controls


  • Bachelor's Degree in Business, Accounting, or Technology related field strongly preferred
  • At least 2-3 years of industry experience (technology or audit)
  • Must understand at least one IT Security Control framework (e.g., ISO 27001, HITRUST's CSF, SOC 2, PCI, COBIT, CSA Star Program, etc.)