Senior Analyst, IT Security Compliance - Hot Topic & BoxLunch Hot Topic HQ - City of Industry, California

Listing Description

Technology keeps the world moving - It’s no different here at Hot Topic. We are looking to add a Senior Analyst IT Security Compliance who is responsible for implementing and maintaining the information security compliance management framework and program. This position will be part of Information Security and work with IT, business, e-commerce, legal and business units to meet our compliance requirements.
The ideal candidate should have extensive experience in compliance management frameworks and programs, a deep understanding of general information security technologies and best practices, and knowledge of data privacy laws and regulations. This role must collaborate effectively with development, Legal, IT, engineering, and operations counterparts as well as internal and external employees to assess, report, and maintain compliance against applicable security industry standards and regulatory requirements.
Pay range is $100k-$125K
Please note the pay range for this position starts as listed in the job posting, but other factors such as an individual’s education, location, meeting the minimum job requirements for the role, training, and experience, will determine the final salary for potential new hires.

  • Lead and maintain security-related audits (PCI-DSS, SOX ITGC, application controls).  Ensure timely and complete responses to evidence requests and compile management responses and remediation plans as needed.  
  • Conduct regular security audits and assessments to identify vulnerabilities, compliance gaps, and areas of improvement. Implement remediation plans and track progress to address identified issues. Prepare status reports and metrics for business, IT and security leadership on a regular basis.
  • Develop and deliver cybersecurity awareness programs and training sessions for employees. 
  • Participate in the vendor risk assessment process and provide security risk assessment services and contract reviews to ensure that third parties meet the company’s information security control requirements.
  • Develop and maintain IT security policy, standards and procedures based on the company’s risk appetite, industry best practice guidelines, and regulatory requirements.
  • Lead incident response efforts, including investigation, containment, recovery, reporting, and tracking of security incidents.
  • Advise and train IT process owners on best practices related to information security, cyber risks, IT General Controls, application controls, and remediation of any issues. Serve as a subject matter expert and trusted advisor to business units and IT.

  • A minimum of 5 years of experience in one or more information security roles, including IT security engineer, compliance and cyber risk management, IT Audit, security control process assurance or audit of technology controls.
  • Demonstrated deep background in risk treatment, controls selection, and information security controls process design.
  • Demonstrated experience working directly with internal and external auditors to satisfy audit requests, present evidence and provide management responses to findings that are identified during the audit or assessment.
  • Experience in cloud security controls in different cloud platforms (AWS, Microsoft Azure, GCP, Oracle Cloud).
  • Experience in web application and mobile application security.
  • Bachelor’s degree in information security, Management of Information Systems, Computer Science, Cyber Security or related field required.  Master’s degree in a related field is an advantage.
  • A professional security risk management credential is required, such as CISSP, CISM, CISA, CRISC or other similar credentials.
