The job below is no longer available.
About this job

Our client is looking for a Compliance Controls Assessor for a 12+ months contract in Lawrenceville, GA. This is a 100% onsite role. The Compliance Controls Assessor assists the Information Security Team by supporting Gwinnett Client Security staff in their efforts to protect Client systems. This position will be responsible for conducting Security Control Assessments for PCI-DSS, HIPAA, and CJIS, and working with IT to develop and enhance compliance-related processes.


BA or BS / MA or MS degree in Computer Science/Engineering, Information Security, Information Systems, Information Assurance, Information Security, Intelligence Studies, or Cybersecurity and five years of progressively responsible, professional level security and compliance experience in a large scale Information Technology environment; or, an equivalent combination of education and experience sufficient to successfully perform the essential duties of the job such as those listed above.

Preferred Experience:

Minimum 5 years of practical experience directly working with policy and regulatory mandates such as SOC1/SOC2, ISO27001/27002/27031, PCI-DSS, HIPAA, CJIS, and NIST Risk Management Framework and associated standards such as NIST sp800-171, sp800-34, sp800-53, etc.

Experience with regulatory compliance requirements (SOX, PCI-DSS, HIPAA, CJIS, etc.)

CISSP, CISM, CISA, CIPP or other equivalent certification

Experience working with other teams to create new processes and procedures to meet security and compliance requirements

Ability to handle multiple tasks under tight deadlines

Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change

Project management process, tools, and techniques

Knowledge of technology trends and developments

Must be a critical thinker with strong problem-solving skills

Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to interact, communicate, and relate security and risk-related concepts to technical and nontechnical audiences.

Excellent presentation and facilitation skills