The Data Security Functional Analyst in Information Management will be actively involved in supporting the overall internal controls and compliance functionality of Client’s data landscape globally. The Data Security Functional Analyst assists and supports the organization with ongoing requirements assessment, preparation, testing and monitoring of conformance to the requirements of various internal security policies and compliance regulations related to data assets.
Job Duties/Essential Functions
-Performs duties necessary to assist in establishing best practices and system configurations to ensure the safety of data assets and to protect information systems from intentional or inadvertent access.
-Conducts data security compliance assessments on new and existing Information Management systems and identify and/or implement processes to demonstrate and validate compliance requirements.
-Responds to compliance related discoveries by informing appropriate custodians, assist in determining root cause, and identify and execute remedial actions necessary.
-Partners with Information Management custodians to understand their respective compliance and security needs and assist with implementing practices and procedures consistent with Client policies and procedures.
-Reviews data access requests in accordance with data classification policies.
-Identifies risks and control gaps in the Information Management landscape.
-Develops a strategy to continuously monitor and control using platform specific (SQL Server/Oracle/Db2) auditing tools and Splunk.
-Develops shell scripts/SQL queries.
-Participates in internal and external audits related to database administration controls.
-Maintains current knowledge of industry trends and standards.
-Regular and reliable workplace attendance at your assigned location.
-Assists in other areas of the department as necessary.
-Assists in other areas of the company as necessary.
Ability to operate vehicles, equipment or machinery
Computer, phone, printer, copier, fax
Experience, skills, education & licenses/certifications
-1+ years of compliance, security, or audit experience.
-1+ years of data analysis.
-Experience in writing shell scripts/SQL queries.
-Experience identifying risks and implementing internal controls for risk mitigation.
-Knowledge of various compliance laws, regulations and standards (e.g. SOX, HIPAA, PCI, GDPR, PIPEDA).
-Experience in testing processes and systems against controls developed in accordance to laws, standards and regulations.
-Proven track record for successful delivery of projects and working cross-functionally with business and information technology teams.
-Proven ability to develop business relationships and communicate successfully across all levels.
-Exhibits excellent professional and diplomacy skills.
-Demonstrates strong sense of urgency and responsiveness.
-Proven ability to follow priorities and timelines while working independently or as an integral team member.
-Demonstrates strong analytical and problem solving skills.
-Proficiency in business or technical writing.
-Experience and willingness to teach/mentor others.
-Able to support off-hours work as required, including weekends, holidays, and 24/7 on call responsibilities on a rotational basis.
-International travel may be required.
-Prior experience with relational database management systems.
-Ability to translate highly technical solutions/problems to audiences at varying technical levels.
-One or more professional audit or security certifications such as CISA or CISSP or equivalent experience.