Email Opening
Title

IT Compliance Analyst IV 
EOE StatementWe are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
 
Description

Design, implement and manage IT Security attestation and certification efforts which may include ISO27k, NYDFS, AICPA, SOC2, etc. Manage assessments/audits ensuring the secure operation of systems, implementation of and compliance with security policies and procedures, and developing remediation plans following security incidents and audit findings. This will include working with line and senior management to understand the state of compliance for production systems and working with cross-functional teams to mitigate identified issues. Manage / Supervise compliance personnel.

  • Plans and manages all IT security-related attestation and certification efforts for Paychex.

  • Conducts regular and special purpose controls assessments to ensure that systems are being operated securely and computer security policies and procedures are being implemented as defined in security plans in order to ensure continuous compliance with security policies and standards

  • Audits Paychex in-scope applications for regulatory, federal and state compliance (i.e. Payment Card Industry [PCI], Sarbanes Oxley [SOX], Health Insurance Portability and Accountability Act [HIPAA], etc.) to ensure Paychex applications are compliant.

  • Designs, develops and manages remediation plans following data and information systems security incidents, working with system administrators to implement corrective measures and following up on audit findings and remediation plans.

  • Manages and follows up on audit issues to ensure compliance to security policies and standards.

  • Trains Information Technology personnel as needed on the use of audit techniques and in developing methods for review and analysis of computerized information systems in order to assure the highest levels of corporate security.

  • Develops and delivers the enterprise security awareness program in collaboration with corporate and business unit training resources to educate employees regarding security practices.

  • Advances process improvement initiatives to improve efficiency, quality, and/or reduce costs related to IT audit practices.

  • Reports the state of compliance programs for inclusion in the Security Review Board and executive update meetings that are used to determine current security issues and future plans.

  • Manages and supervises personnel in support of audits and other compliance activities.

  • Develops and implements strategies/processes that validate policy and regulatory compliance in close coordination with internal auditors.

  • Manages security initiatives that span multiple business units in order to increase the company’s overall internal security.

  • Manages compliance activities to established budgets.

 
Position Requirements

  • BA/BS in Computer Science, Information Security Management is preferred or a related field with 5 to 8 years of experience directly related to Information Security preferred.

  • 3-5 of these years performing Information Security Auditing, or equivalent combination of education and experience.

  • Technical or professional certifications such as CISA, CISSP, or GSNA are highly desirable.

  • Strong problem solver, self-directing. Good verbal/written communication skills and be able to work directly with a variety of internal and external clients, business partners, external organizations.

 
Category Information Technology  
Location NY, Rochester, Rochester 220 Kenneth Drive Office  
Full-Time/Part-Time Full-Time  
Req Number INF-17-00164  
Open Date 7/24/2017  
Hiring Manager(s) Lisa Lombardi  

This position is currently not accepting applications.

To search for an open position, please go to http://AdvancePartners.appone.com
 


 
Click here for technical assistance.