Assist the IT Audit Security Manager
• In executing the framework for compliance with PCI-DSS, NIST 800-53, FISMA, FedRAMP, HIPAA, SOC 2, CJIS, etc.
• In executing a comprehensive, risk-based internal audit plan for the company’s IT security compliance requirements
• Perform gap assessment, compliance readiness, and monitoring activities across Securus and its subsidiaries
• Develop a master control list, including clearly written failure points and testing procedures that effectively address the risks, controls and compliance issues
• Ensure work papers and documentary evidence are in accordance with professional auditing standards
• Prepare formal reports with tangible and cost-effective recommendations for management regarding the adequacy and effectiveness of compliance programs
• Follow up and validate the implementation of Plan of Action and Milestones (POA&M) to address audit results and recommendations
• Estimate required resources to complete assigned tasks and set realistic deadlines
• Maintain industry knowledge to interpret, advise on and support the IT compliance program
• Provide advisory services to IT for regulatory compliance areas
• Document data flow processes, narratives, testing procedures and results
• Maintain the compliance database to ensure complete and timely reporting
Knowledge, Skills and Abilities
• Strong knowledge of UNIX, Windows, Linux/CentOS, Oracle, MySQL, SQL Server, router, firewall, SIEM, FIM, DLP, VPN, IDS, strong authentication, and web services
• Solid understanding of IT processes including operations, security, configuration, change, incident, problem and disaster recovery
• Knowledgeable in information security concepts, risk analysis, data privacy, etc.
• Ability to prioritize tasks, manage multiple projects, and meet deadlines
• B.A. / B.S. Degree in IT, Cyber Security, or Computer Science is required
• 3+ years’ hands-on work experience in PCI-DSS, NIST 800-53, FISMA, FedRAMP, HIPAA, SOC 2, CJIS, etc.
• Professional certification: CISSP, CISA, CISM, CRISC, CIPP, CIA, QSA, ISA, etc.
• CISA / QSA / ISA / FedRAMP qualification desired
• Master’s degree in IT or Cyber Security
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or national origin.