Technology Audit and Compliance Consultant

Location: San Francisco, CA
Technology Audit and Compliance Consultant
 
OVERVIEW:
Technology Compliance consultant with experience in technology controls testing, security information management systems; the application and implementation of international and national standards such as ISO 27001, PCI, CoBIT, FedRAMP, HIPPA, PCI, SSAE16 SOC1/2, Privacy-GDPR/Privacy Shield
 
The consultant will support all aspects of the client’s technology operations and aim to provide a superior compliance and process management service throughout the company.  The focus of this contract is information security must have excellent experience in information security compliance preferably with a cloud company or environment.
 
Responsibilities:
 
The Technology Compliance Consultant will be responsible for interfacing with technology functions within the client, ensure compliance with existing technology controls framework.  Also interface with internal compliance and regulatory audit teams.
 
Perform operational control tasks to ensure compliance with Technology controls.  Assist process owners in the preparation and on-going maintenance of process documentation (policies, procedures, narratives, control matrices)
Manage and co-ordinate external audits of technology controls environment.
Proactively identify gaps or conflicts in existing processes and work to develop solutions Communicate potential control gaps to senior management and coordinate cross functional team meetings to remediate and close control gaps. Assist with the education and training of process owners within the Technology Controls framework.  Coordinate work assignments with process owners, external auditors, and internal auditors as necessary.  Perform technology controls testing and report results to Senior Management Assist with remediation of deficiencies Work independently as well as part of a team
 
Required Skills/Experience:
 
  • BS Degree in Computer Science or a technology related field.
  • 3+ years focus on technology controls
  • 3+ years’ experience and proven success in process improvement within a technology environment
  • Understanding of industry and compliance regulations as they apply to the "cloud”
  • Deep understanding of industry and compliance regulations as they apply to the cloud including ISO 27001, PCI, HIPAA, IRAP, FedRAMP, SOC1 or SOC2, and Policy Write Ups
  • Strong knowledge of and experience with the successful management of compliance obligations like: ISO 27001, FedRAMP, HIPPA, PCI, SSAE16 SOC1/2, Privacy-GDPR/Privacy Shield

Desired Skills/Experience:
  • Big 4 audit and consulting experience
  • CISA, CISM, and or CISSP preferred but not required
  • Strong organization, written and verbal communication skills across multiple levels and functions
  • Strong analytical and research skills
 
 
or
this job portal is powered by CATS