Description:
Compliance Assessments
- Manage risk assessment, scheduling, scoping, and execution of assessments.
- For all IT security control domains, measure compliance with both external requirements (e.g., contractual requirements with business partners; the SWIFT Customer Security Program) and internal policies and standards. Sample domains include: Logical Access Control, Data Protection (e.g., Encryption), Logging and Monitoring, and System Hardening.
- As part of scoping, identify and justify key control attributes for testing.
- Conduct informational walkthroughs to clarify processes and architectures. Swiftly grasp the underlying technology stack and end-to-end service delivery flows.
- Obtain artifacts to support the assessment of security controls and procedures, using a robust “trust but verify” approach. Proactively send and follow up on all requests.
- Present assessment findings and recommendations to management, concluding on the effectiveness and efficiency of control mechanisms.
- Document assessment results and cogent control process narratives in workpapers.
Compliance Advisory
- Advise IT, Segment, and business partners on security-related risks and control weaknesses. For identified security gaps, contribute to performing business impact analyses and determining appropriate remedies that minimize security threats.
- Articulate the elements of effective and sustainable control design to IT and business partners.
- Design and implement continuous control monitoring mechanisms, collaborating with IT, Segment, and business partners to source and interpret data that reflects the current state of the control environment for the organization.
- For targeted controls and systems, facilitate the collection of control attestations and questionnaires.
- Manage inventories and tracking of remediation efforts and compensating controls.
- Stay abreast of compliance and assessment trends within the organization, at suppliers, and from legislators and regulatory bodies.
Additional Details:
- On-site position in New York City - Not Remote
- Strongly prefer someone from the Big 4 accounting firms, and will also highly consider a candidate from the other top 10 firms (for example, BDO or Grant Thornton) or audit consulting firms.
- Must have proven experience in auditing, scoping, and testing, and in oversight of audit remediation plans.
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.