IT Compliance Auditor in Dallas, TX at ClubCorp Systm

Date Posted: 9/28/2021

Job Description

Responsibilities:

  • Assist with remediation of control deficiencies and gaps identified during the audit process
  • Proactively identify gaps or conflicts in existing processes and help develop solutions with the stakeholders
  • Facilitate third-party attestations, audits (PCI-DSS, CCPA/GDPR, and SOX), and certification efforts for the organization
  • Assist process/control owners with the design/implementation of controls and related documentation (e.g., policies, procedures, narratives, and matrices)
  • Work closely with both technology and business process owners to identify, document, and implement processes to address areas of critical risks
  • Ensure that all PCI-DSS, CCPA/GDPR, and SOX controls are implemented, documented, and monitored through the course of the year
  • Establish processes to support the controls and ensure that control self-assessments are conducted promptly with required completeness and accuracy
  • Support the Risk & Compliance team to implement processes and controls to ensure the company's compliance with other regulatory and industry mandates such as GDPR and CCPA
  • Participate in identifying and validating critical controls to address IT and business risks and work with various teams to address identified deficiencies
  • Participate in audits of third parties such as vendors, service providers, consulting organizations, etc.
  • Ensure that appropriate documentation in the form of policies, standards, and procedures is created and managed to support the various security, compliance, and audit requirements
  • Provide guidance and support to IT and business to ensure continued compliance with the various mandates
  • Endorse and support a compliance culture whereby employees are encouraged to seek clarifications and support for the company's compliance initiatives
  • Participate in and provide input to annual risk assessments, in-scope systems analysis, and coordination of the testing approach.
  • Participate in IT SOX walkthroughs to identify potential changes and control gaps and conduct IT SOX controls testing to evaluate controls' design and operating effectiveness following established procedures.
  • Provide input to periodic progress reporting, including the status of overall testing progress, open control deficiencies, and escalation when deficiencies are not remediated quickly.
  • Coordinate with IT personnel across the organization to implement required controls and ensure that the process is followed to maintain appropriate evidence as required by the specific control.
  • Identify risk and control gaps and partner with the IT department to ensure internal control guidelines exist in ClubCorp systems and applications to ensure compliance with IT-related audits.
  • Responsible for working with process owners and external auditors to facilitate the execution of management's annual internal controls assessment following IT-related audits
  • Responsible for tracking and monitoring IT remediation efforts
  • Perform or assist with overseeing initial and periodic audits/analysis, mitigation, and remediation

QUALIFICATIONS

  • 3-5 years' experience in an information security compliance, audit, or risk management role with hands-on experience in a multitude of compliance initiatives, including but not limited to:
    • PCI-DSS
    • EU-GDPR, CCPA
    • SOX
  • Experience with developing and implementing automation for controls and compliance is preferred
  • Strong analytical and problem-solving skills with the ability to function as a change agent
  • Demonstrated experience working in a high-paced, multi-tasking environment
  • Understanding of security metrics and creation of valuable dashboards for management review and consumption
  • BS/BA degree in Computer Science, Information Systems, or other relevant field or commensurate experience
  • Prior responsibilities should include performing controls reviews and recommending, designing, and advising on applicable IT controls
  • Technically knowledgeable in cross-platform system security, particularly with regard to operating systems, databases, networking, and transactional processing environments
  • Knowledge of a variety of operating systems, including Windows and Linux.
  • Strong desire to continuously learn
  • Excellent oral and written communication skills
  • Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future

Knowledge/Skills/Abilities:

  • Attention to detail and strong communication, analytical, and decision-making skills are a must
  • Experience in implementing and utilizing compliance frameworks such as COBIT, PCI-DSS, and ISO 27001
  • Thorough understanding of SOX, GDPR, and the California Consumer Privacy Act (CCPA)
  • Familiarity with a broad range of IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption and key management, logging and monitoring, and application security
  • Familiarity with cloud-based environments and technologies with associated auditing methodologies
  • Excellent documentation and communication skills
  • Prior experience as a Big4 auditor preferred
