Zero Trust Cyber Security Engineer
Leidos
Cyber Security
Cybersecurity Compliance Consultant, SOX and Compliance Testing
Truist
full-time
Posted on:
Origin: • 🇺🇸 United States • North Carolina
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
Cyber SecurityETL
About the role
- Perform SOX IT and cybersecurity compliance testing
- Identify and assess Truist’s Corporate cybersecurity legal, regulatory and industry compliance
- Assist in managing cybersecurity risk and compliance functions, including establishing cyber policies and standards designed to safeguard the firm’s systems and data
- Perform assessments to identify, manage and mitigate cyber risks
- Assess and guide remediation of compliance gaps
- Maintain library of cyber risks and controls and evaluate and track the cyber program maturity
- Serve as security advisor to business segments and functions
- Perform compliance assessments and tests of SOX IT and assist management response for identified Audit and compliance gaps
- Ensure internal compliance to SOX requirements
- Analyze requirements (data lineage, data mapping/tracing control, reporting requirement, threats, assess management, PCI, etc.) to support creation of enterprise-wide policies and standards
- Translate laws and regulations into operational functions and action steps for execution and compliance adherence
- Represent CCS when working with Truist Business Partners to understand business problems and provide security-enabled solutions
- Monitor reporting on information/cyber security compliance and related risk & controls programs to various audiences, including regulators/examiners
- Fulfill external and internal requests and communications with internal and external clients
- Identify solutions for potential regulatory risks and maintain an internal inventory of applicable U.S. laws and regulations pertaining to Information and cybersecurity
- Ensure regulatory rules are incorporated into appropriate compliance policies, standards, processes, training, and monitoring/testing activities at an enterprise level
- Work with stakeholders to perform cyber governance routines and conduct cyber risk and compliance assessments
- Perform data analysis and interpretation for risk factors, present KRI metrics and analysis, and recommend mitigation controls and remediation plans
Requirements
- Bachelor's degree in information technology, information systems, computer science or business-related field
- Six years of experience in a role of data analysis, statistical analysis, data transformation, data reconciliation and/or sophisticated data presentation or equivalent education and related training or experience
- Experience in ETL Development using standard tools
- Understanding of Enterprise Data Warehouse concepts and prior experience applying that understanding to query data in a Very Large Database (VLDB) environment
- Familiarity in using a query analysis tool
- Advanced knowledge in Excel and SharePoint (preferred)
- Clear ability to express complex multidisciplinary technical and business concepts verbally and in writing
- At least two years demonstrated experience as a SOX IT auditor and/or assessor (preferred)
- Two years demonstrated experience with IT/SOX IT Audit response and remediation activities (preferred)
- Previous experience with security controls audit execution (preferred)
- Previous experience with IAM controls audit execution (application, servers database and network) (preferred)
- Working knowledge with IAM governance tools (preferred)
- Working knowledge with SOX governance tools (preferred)
- Previous experience with metrics analysis and definition (preferred)
- Aptitude to understand and adapt to newer technologies
- Grounded understanding of applied enterprise information security technologies
- Demonstrate a consistent history of delivering on commitments
- Demonstrate critical thinking and problem-solving skills
- Able to work independently with limited supervision
- Excellent communication skills, both written and verbal, to both business and technology audiences
- At least one of the following certifications or equivalent experience: CISA, CISSP
- Language Fluency: English (Required)
- Office centric, 4 days a week in the office - Charlotte, Atlanta or Raleigh
- Work Shift: 1st shift (United States of America)
- Availability Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need
- Travel: Minimal and up to 10%
