Acosta

IT Security Compliance Analyst

Acosta

full-time

Posted on:

Location Type: Hybrid

Location: JacksonvilleFloridaUnited States

Visit company website

Explore more

AI Apply
Apply

About the role

  • The Security Compliance Analyst supports the security compliance program, tracking completion and remediation of compliance activities, and documenting compliance program evidence.
  • Investigates and determines where threats exist based on input from the Security Operations Center (SOC) team, current policy requirements, and threat hunt information.
  • Responsible for company-wide security awareness and education programs that are aligned with security policy, standards, regulatory requirements, and industry practices.
  • Assists with vulnerability management reporting including patch management tracking and software code analysis reports.
  • Collaborates with team to develop compliance program strategy.
  • Evaluates the security of vendors and hosted solutions based on approved Information Security standards.
  • Determines risk and potential impact based on emerging security threats.
  • Supports the security compliance program, ensuring the identification, tracking, prioritization, and remediation of all internal and external compliance requirements; also supports Internal Audit activities and remediation requirements.
  • Ensures adequate and effective IT controls exist to meet applicable current and future security compliance requirements found in laws, regulations, frameworks such as requirements to comply with SOX (Sarbanes-Oxley), SOC II, and state / federal privacy law.
  • Supports and updates a centralized repository of security controls aligned with corporate, regulatory, security framework requirements.
  • Coordinates the information security compliance efforts of all internal and outsourced functions that have one or more information security-related responsibilities, to ensure that organization-wide information security compliance efforts are consistent.
  • Collaborates with share service areas (internal controls, risk management, legal and HR) on the maturation of policies/procedures related to compliance activities.
  • Assists with identity management reviews from automated and manual systems.
  • Part of rotational on-call support for Tier 2
  • Perform other duties as required and/or assigned.

Requirements

  • Bachelor’s degree in computer science or related field is required
  • 5 or more years of experience in Information Security
  • Experience with laws, regulations, frameworks such as requirements to comply with SOX (Sarbanes-Oxley), SOC II, and state / federal privacy law.
  • Familiarity with ISO/IEC 27001 standards or experience supporting ISO 27001 compliance activities is a plus
  • Proven information security audit experience
  • Experience with vulnerability management
  • Experience with third-party risk management and enterprise risk assessments
  • Experience with security awareness and training functions and tools
  • Proven analytical, strategic vision drawing on strong problem-solving abilities.
  • Able to prioritize and execute tasks in a high-pressure environment.
  • Strong written, oral, and interpersonal communication skills.
  • Ability to present ideas in business-friendly and user-friendly language appropriate to both executive and managerial audiences.
  • Highly self-motivated and directed.
  • Keen attention to detail.
  • Skilled in working within a team-oriented, collaborative environment.
Benefits
  • We prioritize your growth, development, and well-being to help you reach your full potential.
  • With programs designed to support a fulfilling work-life balance, we offer opportunities that fit your lifestyle and ambitions—whether you’re looking for part-time flexibility or full-time career advancement.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
information securityvulnerability managementsecurity compliancerisk managementsecurity awareness trainingISO/IEC 27001SOXSOC IIsecurity auditenterprise risk assessments
Soft Skills
analytical skillsproblem-solvingcommunication skillsstrategic visionattention to detailself-motivatedcollaborativeprioritizationexecution under pressureinterpersonal skills