Information Technology Security Specialist - Apex Systems

Location: Charlotte, NC

Hybrid with 3 days in office, 2 days remote

Must be able to work directly on W2.

Must have experience: previous financial industry experience, network monitoring, identifying and remedying security risks

Project Details:

Position

9+ Month Contract

Hourly Rate: $77.36 an hour W2

Location

Denver, CO. Must already be local to this market.

Onsite Expectation

3/2

Job Description

This role requires expertise in technology audits, data security, cloud environments, process controls, regulatory compliance, and metrics evaluation. The consultant will support documentation efforts, address compliance gaps, and ensure that DLP controls and processes meet standards such as NIST, ISO 27001, and FFIEC. Additionally, the consultant will evaluate current metrics, identify any gaps, and develop a plan to enhance performance indicators and reporting.

Key Responsibilities:

• Documentation Coordination and Compliance Assist with developing program documentation required to demonstrate DLP and Encryption regulatory compliance, ensuring alignment with internal standards and regulatory expectations.
• Identify and address documentation gaps, ensuring all processes, controls, and metrics support compliance.
• Maintain organized records for DLP-related processes across on-premise and cloud environments (AWS, Azure)
• Audit, Data Security, and Compliance Mapping
• Utilize audit expertise to map DLP controls to relevant laws, regulations, and standards, building a comprehensive compliance framework.
• Apply data security knowledge, especially within cloud environments, to ensure DLP controls meet regulatory requirements for cloud data protection.
• Metrics and Performance Enhancement Review existing DLP metrics and KPIs/KRIs to assess effectiveness in tracking compliance and performance.
• Identify gaps within the current metrics framework, developing a plan to enhance and optimize performance indicators.
• Collaborate with teams to implement new metrics, ensuring they align with regulatory standards such as FFIEC, NIST, and ISO 27001.
• Leverage Excel and advanced analytics to analyze data, assess trends, and create insightful reporting tools.
• Control Objectives
• Review control objectives aligned with current policies and industry standards, ensuring consistency across all technology controls.
• Ensure control objectives are measurable and can effectively demonstrate compliance during regulatory reviews.
• Program Documentation and Presentation Development
• Create detailed program documentation and visually engaging presentation materials outlining DLP program objectives, control effectiveness, and compliance status, which will provide an overview of the program and the associated controls.
• Prepare executive summaries and strategic overviews to communicate DLP risk trends, program strengths, and 2026 priorities.
• Tailor documentation and presentations for technical and non-technical stakeholders, ensuring clear and concise messaging.

Required Skills:

• 7+ years of Information Security Governance, Risk and/or Compliance, Information Technology or Business Analysis
• 5-7 years of experience interacting with auditors and regulators or experience working in an auditing or risk management capacity or within a consulting firm
• Deep Understanding of Data Loss Prevention and Encryption
• Strong understanding of security principles, protocols, and technologies, with expertise in areas like network security, DLP, and encryption.
• Experience with managing regulatory, compliance, risk, and governance processes or functions
• Familiarity with common Information Security and data protection frameworks and standards (i.e. CIS, NIST, HIPAA, GDPR, PCI DSSS, ISO 270001).
• Excellent verbal and written communication skills with ability to distill key data points and effectively present information.
• Proven experience creating executive-level presentations and reports that convey complex information effectively.
• Strong proficiency with Excel for developing and refining metrics and reporting. Relevant certifications, such as CISA, CISSP, AWS Certified Security, or Azure Security Engineer, are a plus.
• Prior experience preparing for regulatory examinations, are a plus.

Preferred Skills:

• Experience in financial institutions or consulting with a focus on data protection and regulatory compliance.
• Prior experience preparing for regulatory examinations.
• Must Have Technical Cloud Security

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at employeeservices@apexsystems.com or 844-463-6178.