Security & Compliance Analyst in Birmingham, AL at Vaco

Date Posted: 8/28/2019

Job Description

Required Activities:

  • Maintain ISO 27001:2013 and HIPAA compliance
  • Evaluate and understand the best practices around IT general/information security controls to ensure the confidentiality, integrity, and availability of our data and systems
  • Evaluate the effectiveness of existing controls and propose new controls and processes as appropriate
  • Perform Risk Assessments as they apply to internal controls compliance
  • Perform ongoing maintenance of policies and procedural documentation to ensure they adequately reflect the processes being followed while ensuring compliance with all relevant legal, regulatory, and contractual obligations
  • Document and report non-compliance issues
  • Document the process of the specific controls within the IT Department and how they relate to other business units
  • Work with all departments and vendors to provide compliance documentation and ensure completeness and accuracy of documentation
  • Assist with the execution of an information security training and awareness program for employees
  • Complete security assessments for prospective and current clients, and communicate with these parties as needed to assure them of the quality and appropriateness of the information security management system and controls

Skills:

  • Bachelor's Degree in Business, Accounting, or a technology-related field strongly preferred
  • At least 2-3 years of industry experience (technology or audit)
  • Must understand at least one IT security control framework (e.g., ISO 27001, HITRUST CSF, SOC 2, PCI, COBIT, CSA STAR Program)