Risk and Compliance Analyst II, Lake Forest, Illinois (Salary Not Disclosed)
- Working knowledge of compliance tools such as the Unified Compliance Framework (UCF) Common Controls Hub (CCH) helpful, but not required
- BA/BS or equivalent preferred.
- 5-7 years of experience in related field preferred.
- Good verbal and written communication, facilitation, and interpersonal skills
- CISSP (Certified Information Systems Security Professional) certification or candidate for certification required
- CISA (Certified Information Security Auditor), CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control) or CIPP (Certified Information Privacy Professional) certifications helpful, but not required
- Experience working with ISO 27001 (or similar) security framework, PCI DSS and CSA CCM standards in an operational IT environment required
- Provides guidance with respect to needed changes to established IT Security policies based on day-to-day interactions with Company businesses.
- Serves as subject matter expert in providing advice to global business units regarding compliance with applicable frameworks including ISO 27001, NIST Cybersecurity Framework (CSF), Cloud Controls Matrix (CCM) and standards including the Payment Card Industry Data Security Standard (PCI DSS) as well as other frameworks and standards as required.
- Takes actions as directed to ensure business awareness of Data Privacy guidance, including the General Data Protection Regulation (GDPR), and appropriate engagement of the Data Privacy office, as needed.
- Provides advice to global business units on actions needed to align business requirements with relevant global security frameworks, standards, policies, and procedures.
For more information, go to: http://bit.ly/2SuEjMH