AdamsGabbert is assisting a client in downtown Kansas City, MO in finding a Compliance Analyst for a 6+ month contract. Responsible for specific assignments related to monitoring, testing and documenting information security controls.
· Ability to communicate across the organization and to include outside counterparts in other businesses industry-wide.
· Responsible for the development and implementation of effective awareness activities that maintain a high interest from the participants.
· Maintain knowledge of new technologies and corporate information systems as they affect information security.
· Maintain knowledge of industry regulations and corporate policies and how they affect corporate information systems.
· Areas of special emphasis include, but are not limited to, NERC Critical Infrastructure Protection (CIP) Standards and Sarbanes Oxley (SOX) requirements.
· Some experience with auditing IT security controls.
· Conduct self assessments of internal controls to ensure processes and procedures achieve compliance with regulatory standards and internal company policies.
· Validate the effectiveness of generally accepted information security controls.
· Research and maintain technical expertise in implementation and maintenance of information security controls.
· Write and execute test plans as assigned.
· Increase compliance awareness within the corporation by designing, developing and presenting training on all aspects of compliance.
· Identify possible compliance issues to information systems and supporting communication networks by testing controls and analyzing results produced.
· Assist asset owners with identifying remedies to findings.
· Analyze and report on compliance investigations.
· Contribute to the effectiveness of the compliance program by writing documentation and implementing departmental procedures.
· Ensure the compliance activities, functions, plans and recommendations meet the risk posture of the corporation and the goals and performance measurements of the Information Security and Compliance Department.
· Ensure corporate policies, standards and guidelines are being followed by helping with the coordination of compliance activities with other Information Security Analysts, Human Resources, departmental management and other departments.
· Lead and/or coordinate specific assignments related to developing, implementing, documenting and monitoring compliance activities for Information Technology.
· Lead and/or coordinate specific assignments related to developing, implementing, documenting and monitoring Critical Infrastructure Protection (CIP) program activities for the Company.
· Mentors other team members on proper auditing techniques of IT controls and documentation of test results.
· Participate in responses to NERC requests for comments, self certifications and spot checks.
· Prepare evidence for and participate in onsite audits.
Bachelor’s degree in Information Systems, Computer Science or related field, 5 years of information technology experience and auditing, and 3 years of direct NERC CIP Standards Compliance experience OR Associate’s degree in Information Systems, Computer Science or related field, 8 years of information technology experience and auditing, and 3 years of direct NERC CIP Standards Compliance experience or 10 years of information technology experience and auditing and 3 years of direct NERC CIP Standards Compliance experience is typically required. Skills in computer software, technical aptitude, and the ability to learn and utilize new software systems are required. Required to function independently to analyze information and report variances. Effective oral and written communication skills are necessary, especially the ability to present technical information to an audience with a broad range of information technology experience. The incumbent must pass a criminal and employment background investigation.