Senior Security Compliance Analyst

Published: October 17, 2019
Clayton, Missouri
Job Type
Based on Experience


Essential Functions:

  • Risk and Vulnerability Management
  • Performs various cybersecurity risk management activities to include risk modeling, risk analysis, and various assessments of vendors, software solutions, and systems architectures
  • Leverages the risk management program to provide insight and data to stakeholders and leadership to enable the prioritization of initiatives and investments; leads the coordination of security compliance activities such as mitigation plan development, standards interpretation, issue reporting, procedure and control enhancements and audit preparation
  • Leads the development of controls for cyber assets ensuring applicability with corporate policies, procedures and applicable regulations, in order to address active cybersecurity risks
  • Serves as the Subject Matter Expert in discussions associated with cybersecurity controls and compliance with both internal and external parties
  • Performs reviews of IT processes and procedures to ensure they have adequate security provisions
  • Develops techniques, procedures and utilities for improving the security assessment program, assurance and reporting
  • Creates and maintains reporting dashboards highlighting trends, progress, gaps, and other Information Security Metrics
  • Maintains and enhances Information Security Policy and Standards documentation and manages exceptions to standards
  • Conducts necessary IT compliance control monitoring and testing activities to determine the effectiveness of the controls
  • Map control requirements across information security frameworks to identify overlapping requirements and compliance efficiencies
  • Security Awareness
  • Assist with the implementation of the cybersecurity awareness education, training and communication strategies
  • Ensures security awareness program meets industry regulations, standards, and compliance requirements
  • Partners with Learning and Development group to enhance the organizational security awareness program to include the development of new content and changes to existing content
  • Prepare, publish, and communicate information on good security practices for employees and others

Position Requirements:

  • Must meet one of the following criteria:
  • Bachelor’s or Master's degree in Computer Science, Cybersecurity, Compliance or related field AND four years of IT or Security experience; or
  • High school diploma/GED AND a minimum of 10 years IT, compliance or security experience
  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), GIAC (Global Information Assurance Certification)/GSNA (GIAC Systems & Network Auditors) or other similar certification preferred
  • Previous experience in the cybersecurity field, including familiarity with compliance issues, risk management and/or regulatory requirements
  • Project management experience, with the ability to plan, manage and maintain a complex, organization-wide program
  • Excellent interpersonal, verbal, and written communication skills with the ability to communicate security risk and compliance related concepts to a broad range of technical and non-technical staff
  • Familiarity with relevant industry frameworks and standards such as CIS, NIST Cybersecurity Framework, and COBIT, and applicable laws related to information security and privacy (e.g., ITAR, DFARS, GDPR, SOX, CFATS)
  • Possess basic knowledge of concepts related to information security and data privacy
  • The desire to engage in high profile, complex technology projects with multiple work streams
  • Ability to network across multiple organizations while earning the confidence and trust of colleagues
  • Support other information security and risk management related activities as needed
  • Approximately 10% travel required



