Thứ Ba, 21 tháng 10, 2014

Analyst - IT Compliance Job (Detroit, MI, US)

Analyst - IT Compliance-INF0009937



The Analyst –IT Compliance role supports the activities of the IT Risk Management & Compliancegroup with exposure to the areas of IT Risk Management and IT Regulatory Compliance. This role will beresponsible for leading and executing projects at the direction of the assignedmanager, communicating program goals and objectives to IT and Businessmanagement and supporting achievement of the group’s operational objectives.



Major Duties/Responsibilities



- Lead and conducts ITCompliance Assessments (e.g. IT SOX Test of Design and Test of Effectiveness, IT controls assessments)

- Documents control deficiencies and assists with creation of Management Action Plans

- Ensures that quality assurance defects are addressed timely

- Assist in the management of the IT SOX Program by providing consulting and guidance on GM IT SOX requirements

- Design,interpret & communicate information security policies & controls

- Analyze operational IT processes to identify systemic risk issues

- Assist in analyzing IT processes and operations for IT risk impacts

- Network & maintain relationships with other GM stakeholder groups as necessary(e.g., Internal/External Audit, Legal, Privacy Office)

- Providesubject matter expertise for risk assessment, policy development and control self-assessment projects

- Reporting the results of program activities to IT management

- Train and educate the IT community on the importance of Risk Management, Compliance and Controls.



Qualifications

Knowledge/Skills/Abilities:



- 5-7years’ experience in executing internal or external audits, or conducting IT compliance assessments (SAP preferred, SOX preferred).

- Demonstrated experience in working in global teams.

- Extensive knowledge of internal controls industry standards for IT such as COBIT, COSOand ISO 27002.

- Demonstrated technical and professional skills.

- Strong Program / Project Management skills.

- Sound understanding of concepts and terminology in security domains including governance, risk management, architecture, compliance, and operations and able to express them in a clear and concise manner.

- Demonstrated sound written and verbal communication skills.

- Superior skills in the usage of the English language including grammar, punctuation, and spelling.

- Appropriate interpersonal styles and communication methods to work effectively with business partners and key internal / external stakeholders to meet mutual goals required.

- Ability to formally present and communicate to management.

- Strong negotiation and conflict management skills – the ability to facilitate and negotiate outcomes and decisions, and resolve areas of dispute in a constructive way.

- Expertise in documenting concepts intended for technical audiences.

- Extensive ability to grasp and understand technical concepts and transform them into usable documented material for non-technical users.

- Experience in creating user awareness guides, tips and techniques, online help, and other forms of security documentation.

- Able to work on multiple projects simultaneously, set priorities and meet deadlines.

- Able to work independently, with minimal direction, and manage workload with organization to meet expectations and objectives.

- Absorb,retain and organize information gathered from multiple sources and in a variety of formats.

- High level of integrity in dealing with confidential and sensitive information.

- Demonstrated superior skills with Microsoft Office software.



Education:



- Bachelor’s degree in Information Systems, Business Administration or related field acceptable with three years of experience in information technology.

- Obtained certifications in one or more of the following Preferred:

CIA, CISM, CISA, CISSP,CGEIT or CRISC

Primary Location: US-MI-Detroit

Posting Date: Oct 20, 2014, 12:19:52 PM - Ongoing

Job: Information Technology


Không có nhận xét nào:

Đăng nhận xét