it governance & risk Compliance analyst (it data security analyst ii)Alorica Teleservices, Inc.

This role is responsible for implementing and maintaining the information risk management and IT compliance strategy across the enterprise that will facilitate risk-based decisions and supports leading information security governance activities. Summary: This role is responsible for implementing and maintaining the information risk management and IT compliance strategy across the enterprise that will facilitate risk-based decisions and supports leading information security governance activities. Duties & Responsibilities Executing IT security risk assessments using industry standards and frameworks (e.g. NIST, ISO 17799, ISO/IEC 27002, etc), data security and privacy regulations (e.g. PCI, HIPAA). Identification, measuring, communicating, and prioritizing information security risks across the enterprise using a common framework that would be used for communicating our information security posture with Alorica clients. Manage action plans in response to information security risk assessment, tracks status, and report to IT security leadership. Interact with internal audit, third party auditors, and appropriate regulatory bodies and participate in all internal and external audit projects. Maintain risk, threat and controls library based on NIST 800-53, ISO 27002 and other standards and regulations, and provides guidance to internal departments. Oversee the validation of risk assessments, process and technology control designs, control gap identification, test scripts and evidence and identification of compensating controls. Manage IT remediation process including tracking and resolutions of findings from internal and/or external audit findings, risk assessments, self-reported items and other control assessments. Ensure that appropriate remediation plans are developed to appropriately mitigate vulnerabilities and defects in a timely manner to reduce risk to systems and information. Where potential system weaknesses are identified, partner with other team members within Information Security, IT and business units to implement compensating controls. Required experience: 3-4 years relevant experience IT Systems / IT Governance Information Assurance experience Information Risk Management
Monster

Metro Manila
Permanent
Full-time