Email Opening Title IT Compliance Analyst  EOE Statement We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.   Description Conducts regular assessments/audits ensuring the secure operation of systems, implementation of and compliance with security policies and procedures, and developing remediation plans following security incidents and audit findings. This will include working with Information Technology, business unit and Internal Audit personnel to understand the state of compliance for production systems and working with various teams to mitigate identified issues Conducts regular controls assessments to ensure that systems are being operated securely and computer security policies and procedures are being implemented as defined in security plans in order to ensure continuous compliance with security policies and standards. Assesses and reports the state of system compliance to Information Technology senior management To ensure compliance with company policy and regulatory requirements. Audits applications for Federal and state compliance (i.e. Payment Card Industry [PCI], Sarbanes Oxley [SOX], Health Insurance Portability and Accountability Act [HIPAA], etc.) to ensure Paychex applications are compliant. Organizes annual audit activities related to SOX-404 and SSAE16 and Acts as the primary liaison with external auditors (i.e. - Ernst & Young, KPMG) to provide the state of compliance for the IT General Controls. Develops and manages remediation plans following data and information systems security incidents, working with system administrators to implement corrective measures and following up on audit findings and remediation plans. Manages and follows up on audit issues to ensure compliance to security policies and standards. Assists and trains Information Technology personnel as needed on the use of audit techniques and in developing methods for review and analysis of computerized information systems in order to assure the highest levels of corporate security. Develops and delivers the enterprise security awareness program in collaboration with corporate and business unit training resources to educate employees regarding security practices. Identify and advance process improvement initiatives to improve efficiency, quality, and/or reduce costs related to IT audit procedures. Participates in the Security Program Team to provide guidance and advice to technology team members on compliance related matters. Participates in the Security Review Board (SRB) as a primary or alternate representative providing a compliance perspective to SRB members related to security policies and standards, exceptions process and other topics requiring SRB approvals. May supervise the activities of Security Compliance Analyst I, II personnel and acts as a resource and advisor to less senior staff members.   Position Requirements BA/BS in Computer Science, Information Security Management is preferred or a related field A minimum of 4 to 5 years of experience directly related to Information Security, 1-3 of these years performing Information Security Auditing, or equivalent combination of education and experience. Technical or professional certifications such as CISA, CISSP, or GSNA are highly desirable. Strong problem solver, self-directing. Good verbal/written communication skills and be able to work directly with a variety of internal and external clients, business partners, external organizations.   Category Information Technology   Location NY, Rochester, Rochester 220 Kenneth Drive Office   Full-Time/Part-Time Full-Time   Req Number INF-15-00126   Open Date 7/16/2015   Hiring Manager(s) Mark Ballister   This position is currently not accepting applications. To search for an open position, please go to http://AdvancePartners.appone.com

AppOne.comTM   copyrightŠ1999-2021 HR Services, Inc. Click here for technical assistance.