Information Technology Compliance Manager
Company: GLOBAL TEL*LINK CORPORATION
Posted on: September 9, 2018
GTL is looking for an experienced Information Technology Compliance Manager for the Reston, VA office. The position will be responsible for establishing and managing all information technology-related audit and compliance activities across the Company, its divisions and subsidiaries with a strong focus on Service Organization Control (SOC) 2 and Payment Card Industry Data Security Standard (PCI-DSS) compliance. Under the direction of the VP, Corporate Technologies, Security and Compliance, this position will lead complex and multifaceted audits and assessments of information technology to include: planning, coordinating, managing and reporting on all technology related audit and compliance activities. In addition to the compliance programs, this role will also be responsible for providing objective assessments of the Company's compliance with other regulatory and organizational requirements governing the information technology systems (PCI-DSS, HIPPA, FISMA, CJIS, SOC, Money Transmitter, etc.).
The Information TechnologyCompliance Manager will assist the VP in executing a comprehensive, risk-basedinternal audit plan for the company's information technology controls. Responsible for timely completion of assignedaudit reviews producing accurate, complete, and organized work papers. Performan unbiased evaluation of audit results and provide recommendations forinternal control improvements to management.
- Builda comprehensive SOC compliance program to establish Global Tel*Link as a leaderin the compliance arena.
- Establishand manage additional compliance programs across the Company (PCI-DSS, NIST,HIPPA, FISMA, CJIS, ISO27k, etc.)
- Providesubject matter expert advisory services to IT and the business as it relates toregulatory and industry compliance issues.
- Manages,coordinates and executes internal compliance testing, documentation andfollow-up.
- Negotiateswith internal departments and external business partners/vendors/consultantsregarding audit findings; authors all management responses for both internaland external assessments.
- Managesrelationships with key regulatory and industry assessment vendors.
- Worksalongside policy and standards team to incorporate changes into the enterprisepolicy document based on compliance assessment results.
- Leadsroot cause and remediation activities for remediation activities and relatedinformation security issues.Audit Responsibilities:
- Assistthe VP in the maintenance of a comprehensive risk assessment model
- Plan,perform and document audits in accordance with the Institute of InternalAuditing's Standards for the Professional Practice of Internal Auditing,generally accepted auditing standards, and with departmental policies andprocedures.
- Recommendand explore alternative courses of action for correcting control weaknesses,resolving operating problems or improving performance.
- Maintainrelationships with key personnel responsible for the designated auditunits.
- Stayabreast of organizational structure, policies and procedures within thedesignated audit units.
- Performspecial assignments, studies, and special projects.Qualifications:
- BA/BSDegree in MIS, Computer Science, Information Technology or related field.
- Aminimum of five (5) years of experience focused on SOC2 and PCI-DSS 3.2compliance activities.
- Ten(10) years of experience leading and managing IT Compliance Initiatives,preferably, HIPPA, FISMA, CJIS, ISO27k, PCI-DSS and SOC.
- Professionalaudit certification: ISO 27001 Lead Auditor, CISSP, CISA, CISM, CIPP, CIA, etc.
- Aqualified Subject Matter Expertise of specific Regulatory Standards, includingNIST 8300/FedRAMP, PCI-DSS, FISMA, CJIS, COBIT, HIPPA and ISO27k.
- Strongproject management skills and experience in managing multiple projects.
- Substantialknowledge of Information Security compliance and risk analysis, data privacyand other compliance requirements of an enterprise information security program.
- QSA-certifiedor ISA strongly desired.
- Ability to effectively prioritizeassignments in a fast-paced, dynamic environment.
- Proven ability to develop, communicate, motivate andinfluence teams.
- Excellent presentation, written and oral communicationskills.GTL & Telmate. Two technology leaders, one powerfulopportunity.
GTL, an innovation leader in correctional technology, educationsolutions that assist in rehabilitating inmates, and payment services solutionsfor government. GTL leads the fields of correctional technology, education, andgovernment payment services with visionary solutions and customized productsthat integrate seamlessly to deliver security, financial value, and operationalefficiencies while aiding inmate rehabilitation and reducing recidivism rates.
With the recent acquisition of Telmate, GTL has strengthened itssuite of solutions for the corrections industry and expanded its communitycorrections portfolio with Telmate Guardian, a smartphone-based GPS monitoringsolution. As a trusted industry leader, GTL provides services to over 2 millioninmates in more than 2,500 correctional facilities in the United States andCanada, including 33 U.S. departments of corrections, the District of Columbia,Puerto Rico, the U.S. Federal Bureau of Prisons, U.S. Immigration and CustomsEnforcement, and many large city/county/provincial facilities.
GTL is an Equal Opportunity Employer and considers qualifiedapplicants for employment without regard to race, color, creed, religion,national origin, sex, sexual orientation, age, disability, veteran status, orany other characteristic protected by law.
#DCE - provided by Dice Analysis, CISSP, DCE, GPS, ISO, Manager, Management, Security, Testing
Keywords: GLOBAL TEL*LINK CORPORATION, Reston , Information Technology Compliance Manager, Executive , Reston, Virginia
Didn't find what you're looking for? Search again!