This site uses cookies. To find out more, see our Cookies Policy

Senior Analyst - IT Compliance - 2864 in Houston, TX at Westlake Chemical

Date Posted: 2/13/2018

Job Snapshot

Job Description

SUMMARY:

The Senior Compliance Analyst position reports to the Director of Cybersecurity and will be responsible for compliance and assessment activities for IT.  This position will work closely with internal audit, legal, and risk management on regulatory compliance activities, audits, and risk assessments.

ESSENTIAL DUTIES and/or RESPONSIBILITIES:

  • Develop and maintains the IT compliance documentation repository including central IT policy and procedures. 

  • Experience with Sarbanes-Oxley (SOX) and HIPAA auditing and reporting

  • Lead IT Security controls assessments of vendors

  • Stays abreast of published security standards (NIST, PCI, ISO) that impact IT and business operations

  • Translates security and compliance requirements into workable policy and procedures for IT and Business areas

  • Supports internal and external audits, control reviews, risk assessments, and reporting as required

  • Monitors and performs internal testing of IT controls to support internal and external audits.  Document plans to mitigate risks.

  • Collects and performs data analysis to ensure compliance with IT controls.  Generates and distributes security compliance metrics.

  • Tracks and manages action plans for the resolution of issues identified during assessment and audits. Performs analysis and reporting of compliance gaps. Will assist in the implementation of action plans as well as provide compliance support to projects in order to improve performance of IT controls.

  • Prepares and collects evidence required to support litigation or Human Resources activities.  

    QUALIFICATIONS:

  • Bachelor’s degree in IT or a related field -or- equivalent work experience

  • 7+ years of experience in IT with a general understanding of the IT landscape

  • 2+ years of experience in IT control assessments like ISO, SSAE16 or HIPPA

  • Working knowledge or multiple security toolsets and supporting operating systems

  • Experience with Defense in Depth principles and technology including access/control, authorization, Identification and authentication, public key infrastructure, network, and enterprise security architecture

  • Solid data analytic skills required to correlate multiple data points.

  • Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy

  • Advanced documentation, prioritization and change management skills

  • Ability to handle proprietary and sensitive information in a confidential manner

  • Certificate such as CISSP, CISA, CCSP preferred

    EDUCATION:

    Bachelor’s degree in computer related field and/or 7 years or more of practical Cybersecurity or Audit experience.

    PHYSICAL DEMANDS:

    While performing the duties of this job, the employee is frequently required to sit; stand; walk; use hands to touch, handle, or feel; reach with hands and arms; and talk or hear.  The employee is occasionally required to stoop, kneel, or crouch.  The employee must regularly lift and/or move up to 10 pounds, frequently lift and/or move up to 25 pounds, and occasionally lift and/or move up to 50 pounds.  Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus.

    WORK ENVIRONMENT:

    The noise level in the work environment is usually moderate as normally based in an office.  Some of the work may be required in the operating units which can require usage of required PPE including safety glasses, hearing protection, etc.  May also result in exposure to outside elements and may require usage of stairs and elevators.  Travel up to 25% including air travel or auto travel.