Senior Information Security Compliance and Audit Analyst
Ingram Micro
full-time
Posted on:
Location Type: Hybrid
Location: Irvine • California, Illinois, Texas • 🇺🇸 United States
Visit company websiteSalary
💰 $93,000 - $158,100 per year
Job Level
Senior
About the role
- Manage and Support IT compliance activities for regional information security support of ISO27001 auditing, reporting and remediation where appropriate
- Coordinate and communicate IT compliance activities to align with Global Information Security leadership in support and improvement of ISO27001 management system
- Ensure regional Information Security compliance to Information security standards (ISO27001) requirements
- Plan and conduct complex IS and integrated audit/compliance projects, including preparation of an objective risk-based assessment and an effective audit/compliance approach
- Leads and/or participates on audit/compliance activities of various locations and departments for compliance with plans, policies and procedures
- Execute operational activities to support IS audit and compliance activities including technical validation processes
- Execute collection of evidence to support compliance status
- Provide and present reporting including monthly metric delivery
- Manage escalation and enforcement for unresolved noncompliance issues
- Manage and Support External Audit activities and reporting
- Work with Information Security staff to ensure tools and reporting mechanisms are satisfactorily meeting statutory objectives
- Support compliance and security validation of all 3rd party IT providers
- Maintain strong working relationships with internal and external support teams including Global, Regional and Country Information Security associates
- Work on special projects as required by management
- Stay abreast of changes within the Information Security compliance areas including business change requirements and regulatory changes from an international perspective
- Support and enforce Information Security Policy, Standards, and Guidelines for business operations and technology implementations
- Work as the Subject Matter Expert (SME) on assigned projects and offers council regarding the intent of Compliance requirements
Requirements
- Bachelor’s degree in computer science, engineering, or related science and math discipline with an information security or business emphasis
- A minimum of 5 years of experience with IS compliance projects (specifically ISO27001)
- Understands key security concepts such as access management, vulnerability and patch management, security information event management, and encryption
- Strong understanding of TCP/ IP and other network protocols
- Understanding of the basic audit best practices, standards and methodologies
- Ability to formulate detailed technical documentation preferred
- ASQ Certified Engineer, Auditor or OE Managers preferred
- Experience using SharePoint, MS Excel, Word, PowerPoint and Visio
- Must possess a valid passport and be legally allowed to leave and return to originating country.
Benefits
- Healthcare benefits
- Paid time off
- Parental leave
- 401(k) plan and company match
- Short-term and long-term disability coverage
- Basic life insurance
- Wellbeing benefits
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
ISO27001IS complianceaccess managementvulnerability managementpatch managementsecurity information event managementencryptionTCP/IPaudit best practicestechnical documentation
Soft skills
communicationleadershiprelationship managementproject managementproblem-solving
Certifications
Bachelor's degreeASQ Certified EngineerASQ Certified AuditorASQ Certified OE Manager