This job has expired

Cyber Controls and Compliance

Markit HIS
10-13 years
Not Specified

Job Description


Cyber Risk and AssuranceAssociate Director
Summary:
The Operational Assurance and Compliance (OAC) team provides oversight, support and monitoring to address risk and meet regulatory, contractual and best practice requirements. OAC is part of the Global InfoSec team. This position requires an understanding of cybersecurity and IT from both a business and technical perspective and have operational experience working in some or all of these areas. The successful candidate will work with various teams within IT, InfoSec, Sales, Product and Response Management.
This position is responsible, along with other team members, for assessing risk and control activities related to our various cloud environments, specifically AWS cloud native and VMC. Accountable for assisting in the design of the controls, mapping and assessing VMC and AWS controls, providing documentation for client assessments and due diligence, and operational compliance. Provide guidance to control owners in control design and identify areas of gaps and ineffective control implementation. Support internal customers as they transition to AWS and VMC ensuring their understanding of their controls and what is required to maintain a controlled environment. Define compliance report requirements, interpret and analyze report results and manage control remediations. Identify controls for automation and develop and implement the automation. The successful candidate must have the ability to grow and develop the role to align with our changing environment and technical landscape.
Specific Job Duties:
  • Develop processes to test automated and manual controls, identifying gaps and tracking items to resolution.
  • Manage the performance of operational assurance and control testing in areas of cybersecurity and IT related security areas.
  • Present the gap analyses from the results of assessing risk, to the various groups and facilitates the development of remediation plans and resolutions.
  • Monitor the work with stakeholders and staff to maintain the remediation plans and produce periodic status and compliance reports.
  • Partner with the Response Management team in responding to customer risk assessments and questionnaires regarding cloud environments, including speaking with customers directly when appropriate.
  • Develop relationships with various technical teams in building and updating consistent and accurate cloud responses for the Response Management team.
  • Ensure the associated teams are timely and accurate in managing the completion of the action items raised during control assessments and audits.
  • Ensure consistent cybersecurity content that can be utilized across customers and products and address relevant gaps.
  • Support product teams in understanding and executing controls in preparation to move to the Cloud or VMC.
  • Identify controls for automation and implement the automation.
  • Define compliance report requirements, interpret and analyze to create dashboards.
  • Work closely with other Cyber Security team members in developing a product and enterprise risk profile by product lines and technical services offerings.

Required Experience/Education:
  • Bachelor's degree, or equivalent prior work experience, at a minimum of 10 years.
  • General knowledge and work experience within Information Security, risk, vulnerability and IT.
  • Demonstrated experience with Cloud/VMC control environments preferred
  • Cross organization experience required.
  • Understanding of standard industry control frameworks.
  • Relevant certifications (CISA, CRISC, CISSP, CISM, etc.) a plus.

Required Skills:
  • Demonstrate experience working in a continuously evolving and transforming environment.
  • Good interpersonal skills and ability to work across various organizations and levels.
  • May be required to accommodate US work hours
  • Experience working remote of other team members.
  • Working knowledge and understanding of a shared services model.
  • Process oriented with exceptional organizational skills.
  • Must be able to work effectively in a matrix organization and foster team cooperation.
  • Ability to work effectively direct and indirectly managing colleagues.
  • Desire to learn about and stay current with a complex and rapidly changing environment.
  • Problem-solving skills, creative and collaborative in finding solutions related to complex and multilayered problems.
  • Critical thinking with the ability to use logic and reasoning to identify strengths and weaknesses of alternative solutions, conclusion or approaches.
  • Ability to work in a geographically dispersed team and independently with minimum supervision.
  • Attention to detail
  • O365 and Microsoft Office Suite, particularly Excel & SharePoint/Teams

Travel: Less than 20% travel may be required.
-----------------------------------------------
Inclusion and diversity are critical to the success of IHS Markit, and we actively encourage applications from people of all backgrounds. We are committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected category. For more information on the many ways in which we enthusiastically support inclusion and diversity efforts for both candidates and employees, please access our Inclusion & Diversity Statement .
We are proud to provide reasonable accommodations to applicants with disabilities. If you are interested in applying for employment with IHS Markit and need special assistance or an accommodation to use our website or to apply for a position, pleaseor call +1 212 849 0399. Determination on requests for reasonable accommodation are considered on a case-by-case basis.This contact information (email and phone) is intended for application assistance and accommodation requests only.We are unable to accept resumes or provide information about application status through the phone number or email address above. Resumes are only accepted through the online application process, and only qualified candidates will receive consideration and follow-up.
IHS Markit maintains a substance-free workplace employees may be asked to submit to a drug test (where permitted by law). In addition, as a federal contractor in the United States, the company participates in the E-Verify Program to confirm eligibility to work.
For informationplease click on the following links:
-----------------------------------------------
Current Colleagues
If you are currently employed by IHS Markit, please apply internally via the Workday internal careers site.

About Markit HIS

Job Source : careers.ihsmarkit.com

Similar Jobs

People Also Considered

Data Not Available

Career Advice to Find Better

Simple body text this will replace with orginal content