Compliance & Information Assurance Analyst

Overview

Use your information security expertise in this exciting opportunity and help drive our information assurance program by supporting our compliance efforts and developing material for our governance projects. In return, you will enjoy amazing benefits and be part of exciting growth within the corporate security team.

In this role, you will work closely with InfoSec compliance management, as well as other members of the compliance, legal, and client audit team to support regulatory, internal, and client and vendor audits. You will also have extensive opportunities to collaborate with employees across additional functional areas, including operations, training, and procurement. This position supports associated industry compliances such as SOC 2 Type 1 and Type 2 ISO 27001, CMMC and standards in accordance with CIS, NIST, CSC, HIPAA and PCI DSS security guidelines, regulations, and requirements.

Being successful in this position requires superior analytical and organizational skills, attention to detail, and discipline for accuracy, as well as confidence, discretion, good professional judgment, and personal initiative. It requires communications and relationship-building with compliance and client auditors. 

Responsibilities

• Communicate between the business, technology and compliance areas for general requests associated with standards and governing policies and procedures
• Assist with security risk assessment and audit activities for third-party services providers and vendors
• Assist in all aspects of information security associated to compliance and client audits (i.e. pre-on site deliverables, audit and assessment questionnaires, written response to audit report and/or findings)
• Assist in documentation, retention, reporting and clear articulation of audit related information (i.e. scope, findings, recommendations, corrective action plans and status tracking) and documentation to information security, compliance and business operations leadership as required
• Perform a variety of support and general administrative assignments in support of the audits or auditors, including filing, data entry, and tracking/correspondence while following established standards and work processes
• Assist with the maintenance of inventory of exceptions to information security policies, standards, controls, and configuration requirements for reporting to management, auditors and clients
• Act as resource and facilitate responses to general audit inquiries associated to clients and compliance audits
• Generate associated work orders as required in support of compliance evidence associated to client and compliance audits
• Assist in policy/procedure developments and on-going updates required under the collection agency industry regulations and standards
• Successfully set priorities, perform tasks in an orderly fashion, and meet time deadlines
• Stay informed of pending industry changes, trends, and best practices and assess the potential impact of these changes on organizational information security policies, procedures, and processes

Requirements

• 3-5 years of experience in an IT security field
• Knowledge of information security and computer network access technologies
• Knowledge of data protection and integrity, operating systems and network security, authentication, and security protocols
• Strong interpersonal and communication skills to work effectively with IT and business units
• Experience with vendor risk management including GRC processes and tools
• Experience working with security programs including risk assessments and forensic research, designing security architectures, and developing policies
• US citizenship and ability and willingness to obtain a security clearance
• Bachelor’s in computer science or related field, or equivalent relevant work experience

About Esri

Our passion for improving quality of life through geography is at the heart of everything we do. Esri’s geographic information system (GIS) technology inspires and enables governments, universities, and businesses worldwide to save money, lives, and our environment through a deeper understanding of the changing world around them.

Carefully managed growth and zero debt give Esri stability that is uncommon in today's volatile business world. Privately held, we offer exceptional benefits, competitive salaries, 401(k) and profit-sharing programs, opportunities for personal and professional growth, and much more.

Esri is an equal opportunity employer (EOE) and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.

If you need a reasonable accommodation for any part of the employment process, please email askcareers@esri.com and let us know the nature of your request and your contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.

#LI-REMOTE
#LI-NR5