Mitchell International, Inc.

Senior IT Security Compliance Analyst

Job Location: US-CA-San Diego
Job ID: 17-7988
Type: Regular Hire

Company Overview

Mitchell International, Inc. is a leading provider of information and workflow solutions to the Property & Casualty Claims Industry and its supply chain partners. We solve interesting and complex problems that directly affect the customers our clients serve. We are constantly adapting to stay at the forefront of emerging technologies, and we work diligently to maintain our position as a thought leader within our industry.

Job Description

Mitchell is looking for a Senior IT Security Compliance Analyst to join the San Diego Corporate Headquarters. This individual will contribute to a rapidly growing technology firm. As a Senior IT Security & Compliance Analyst, this individual will add value by ensuring the organization’s compliance with security and regulatory requirements (e.g., HIPAA, SSAE16, ISO27001, SOX) and industry best practices in the security space. As a member of Information Security & Risk Management, this individual will also contribute to security-related initiatives within the Information Security Management System, including IT Security Risk Assessments, IT Security Policy Management, Third-Party Security Management, Personnel Security, Compliance, and Business Continuity, as well as various other security programs.

The candidate will assist the IT organization and broader enterprise with maintaining compliance with such security and IT frameworks as ISO 27001, ITIL, AICPA Trust Principles, and NIST. This role will develop, define, maintain, and communicate policies, procedures, and standards, as well as conduct IT internal audits. Furthermore, this candidate will be responsible for supervising and developing staff.

In addition to the compliance and assessment requirements of the IT Security & Compliance Analyst role, the candidate will have the opportunity to contribute to other areas within the Security & Risk Management arena. This includes projects related to topics such as Software Security Governance and Access Control, as well as various security initiatives.

Primary responsibilities include:

  • Actively contribute to and manage a wide array of security projects. This will require out-of-the-box thinking, as the Security & Risk Management office is heavily consulted on a wide range of items
  • Works with the Security & Risk Management office to develop a security program and security projects that address identified risks and business security requirements, define metrics and reporting strategies that effectively communicate the successes and progress of the security program, and develop budget projections based on short- and long-term goals and objectives
  • Monitors and reports on compliance with security policies, as well as the enforcement of policies within the IT department and throughout the organization, as well as with industry regulations, including HIPAA, GLBA, SSAE18|SOC2, SOX, GDPR, PIPEDA, NY Cybersecurity Law, ISO27001:2013, and FISMA
  • Proposes changes to existing policies and procedures based on a risk-based approach to ensure operating efficiency, effective risk mitigation, and regulatory compliance
  • Provide security communication, awareness and training for audiences, which may range from front line staff to senior management.

Qualifications

Education: Bachelor’s Degree, preferably in Accounting Information Systems or Business Information Systems.

Experience: 3+ years of relevant experience. Big Four/National/Super-Regional CPA firm experience a plus.

  • At least 1 year of experience preferred in IT audit & control
  • Knowledge and experience with enterprise operating systems, including Windows, Linux
  • Good oral and presentation skills; excellent interpersonal skills
  • Proficient grammar, sentence structure and advanced report writing and technical writing skills.
  • Strong proficiency in Microsoft Word, Excel, PowerPoint, & Visio

Technical Skills & Experience: Knowledge of COBIT, ITIL, ISO 27001, TCP/IP networking and routing protocols is a plus. SOX, IT Audit, and SSAE16/18, SOC2 experience is a plus.

Licenses or Certifications: CISA, CPA, CIA, CISSP, CRISC, CGEIT, Network+.
