Compliance Controls Assessor - Full-time
Lawrenceville, GA 30049
Our client is looking for a Compliance Controls Assessor for a 12+ month contract in Lawrenceville, GA. This is a 100% onsite role. The Compliance Controls Assessor assists the Information Security Team by supporting Gwinnett Client Security staff in their efforts to protect Client systems. This position will be responsible for conducting Security Control Assessments for PCI-DSS, HIPAA, and CJIS, and working with IT to develop and enhance compliance-related processes.
BA or BS / MA or MS degree in Computer Science/Engineering, Information Security, Information Systems, Information Assurance, Intelligence Studies, or Cybersecurity and five years of progressively responsible, professional-level security and compliance experience in a large-scale Information Technology environment; or an equivalent combination of education and experience sufficient to successfully perform the essential duties of the job such as those listed above.
Minimum 5 years of practical experience directly working with policy and regulatory mandates such as SOC 1/SOC 2, ISO 27001/27002/27031, PCI-DSS, HIPAA, CJIS, and NIST Risk Management Framework and associated standards such as NIST SP 800-171, SP 800-34, SP 800-53, etc.
Experience with regulatory compliance requirements (SOX, PCI-DSS, HIPAA, CJIS, etc.)
CISSP, CISM, CISA, CIPP or other equivalent certification
Experience working with other teams to create new processes and procedures to meet security and compliance requirements
Ability to handle multiple tasks under tight deadlines
Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change
Project management process, tools, and techniques
Knowledge of technology trends and developments
Must be a critical thinker with strong problem-solving skills
Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to interact, communicate, and relate security and risk-related concepts to technical and nontechnical audiences.
Excellent presentation and facilitation skills