Gov & Compliance Analyst III
POST DATE 8/27/2016
END DATE 11/4/2016
StanCorp Financial Group, Inc.
JOB DESCRIPTION
MORE INFORMATION ABOUT THIS JOB:
Standard Insurance Company, The Standard Life Insurance Company of New York, Standard Retirement Services, Inc., StanCorp Equities, Inc. and StanCorp Investment Advisers, Inc., marketed as The Standard, are Affirmative Action/Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, national origin, gender, sexual orientation, age or any other condition protected by federal, state or local law. The Standard offers a drug and alcohol free work environment where possession, manufacture, transfer, offer, use of or being impaired by an illegal substance while on Standard property, or in other cases which the company believes might affect operations, safety or reputation of the company is prohibited. The Standard requires a criminal background investigation, drug test, employment, education and licensing verification as a condition of employment. All employees of The Standard must be bondable.
If you want to make a positive difference and stand out from the crowd, you'll fit in at The Standard (www.standard.com). Through our retirement plans and insurance products and services, we help people achieve financial well-being and peace of mind. Come join us and share our passion for serving our customers in a positively different way.
Be part of the Governance, Risk and IT Compliance department, which includes Enterprise Information Security, Business Continuity and IT Compliance disciplines.
Function as the main point of contact and knowledge around IT SOX compliance
* Manage or coordinate activities supporting enterprise-wide IT technology audits and assessments. This includes periodic control testing efforts, as well as working with internal and external auditors.
* Act as liaison between representatives from internal audit, external audit firms, Finance and IT to coordinate scoping, testing approaches, results and deficiencies.
* Work with process owners and create Risk & Control Matrix for processes identified through risk assessment
* Identify various compliance, information security and business continuity risks to the organization and make recommendations for corrective actions/mitigation of risks.
* Develop and implement a control framework to monitor information systems for potential system noncompliance to control objectives, activities, security policies and standards, integrity exposure and control weaknesses.
* Work closely with engineers, developers, and product managers to define the compliance requirements in automated deployment and testing processes
* Contribute to an atmosphere of cross-functional teamwork within the organization's lean project lifecycle
* Prepare periodic reports, track program progress and report findings to Sr. Director of Information Security, and IT Senior Management.
* Work with various IT groups to ensure that information systems adhere to corporate policies and standards. Provide governance and compliance throughout the lifecycle of a project through delivery
* Perform special projects as assigned by manager or Sr. Director of Information Security
POSITION KNOWLEDGE, SKILLS AND ABILITIES:
Sarbanes-Oxley / IT audit experience, as well as IT Security compliance standards such as ISO 27001/2 and/or SOC2.
Strong understanding of IT General Controls, as well as network, OS, application and database controls.
Strong organizational and planning skills.
Strong interpersonal & influencing skills and an ability to work in a team environment.
Good communication skills (written & verbal) with all levels of the organization.
Ability to work with minimal supervision and deliver to tight deadlines
Knowledge of Governance, Risk and Compliance Frameworks (COSO, COBIT etc.).
Experience with GRC solutions, including building out controls and performing test work within the tool.
Bachelor's degree from a four-year college preferred and/or a professional certification requiring formal education beyond a two-year college, or equivalent experience.
* Big 4 IT Audit or Assurance Experience
* Participation in full life cycle implementations (from scoping/planning, requirements gathering, design, development, testing, go-live and support)
* Experience working in Lean IT/Agile/DevOps environment
* Experience participating in large business/system integration efforts
* 2 or more years' experience in an IT Audit or Compliance role, or 5 years of related experience.
* Software development methodology understanding and experience in the design, development or testing of a technology integration project.
For more information regarding your Equal Employment Opportunity applicant rights, please visit the URL: http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf