Security Analyst - Compliance - ReqCode 16000D6Q


POST DATE 8/31/2016
END DATE 10/12/2016

Dick's Sporting Goods Pittsburgh, PA

Company: Dick's Sporting Goods
Job Classification: Full Time
Company Ref #: 50197553
Location: Pittsburgh, PA
Experience: Entry Level (0 - 2 years)
Job Type: Regular
Education: High School Diploma or GED
AJE Ref #: 576036539

JOB DESCRIPTION

Description:

The Security Analyst will assist in the performance of Information Security vendor risk assessments, assist in IT compliance activities (e.g. SOX/PCI), develop and maintain internal policies/standards/procedures, and provide support for both the internal risk acceptance and data ownership processes. The Security Analyst will leverage understanding of information technology risks/controls and communication skills to support governance/compliance activities and to identify risk to business partners within IT and other business units.

Qualifications:

Perform information security vendor risk assessments leveraging industry best practices, internal policy framework, and security/control frameworks.

Facilitate recurring access reviews, risk/control processes, and other compliance activities to support Information Technology compliance requirements.

Facilitate the risk acceptance process by assisting the organization with the identification of risks and defining compensating controls.

Develop and maintain policies/standards/procedures in partnership with Information Technology and other business units.

Serve as an internal information security consultant to the organization through involvement in key projects and governance/compliance activities.

Additional Skills:
Working knowledge of IT general controls (logical access, change management, operations, governance, etc.)

Comprehensive knowledge of risks and controls across multiple layers of the OSI model and accompanying technologies (SQL/Unix/Windows/Oracle)

Working knowledge of security/control/governance frameworks such as ISO 27001/2, COBIT 4.1/5, NIST

Working knowledge of compliance requirements associated with SOX, PCI, and HIPAA/HITECH

Experience in IT control/risk assessment

Education: Bachelor's Degree

Experience: 3-5 years
3-5 years of experience in Information Security GRC, IT Audit, or IT Advisory/Consulting
CISA/CRISC/CISSP Certified preferred

