IT Compliance Specialist - augmentjobs
New York City, NY
About the Job
Overview
We are seeking a detail-oriented and experienced IT Compliance Specialist to join our team. The IT Compliance Specialist will be responsible for ensuring that our organization adheres to regulatory requirements, industry standards, and internal policies related to information technology and data security. This role requires expertise in IT compliance frameworks, risk management, and audit processes to mitigate risks and maintain a secure IT environment. The ideal candidate will have strong analytical skills, attention to detail, and the ability to collaborate with cross-functional teams to implement and maintain compliance programs effectively.
Roles and Responsibilities:
Compliance Management:
- Develop, implement, and maintain IT compliance programs and initiatives based on regulatory requirements (e.g., GDPR, HIPAA, PCI DSS) and industry standards (e.g., ISO 27001).
- Conduct periodic audits, assessments, and gap analyses to evaluate IT systems, processes, and controls for compliance.
Policy Development and Documentation:
- Create and update IT policies, procedures, and guidelines to ensure alignment with regulatory requirements and organizational objectives.
- Communicate policies and procedures to stakeholders and ensure understanding and adherence across the organization.
Risk Assessment and Mitigation:
- Perform risk assessments and vulnerability scans to identify potential security gaps, weaknesses, and non-compliance issues.
- Develop and implement risk mitigation strategies and controls to address identified risks and vulnerabilities.
Audit and Monitoring:
- Coordinate and support internal and external audits, including preparation, documentation, and response to audit findings and recommendations.
- Monitor compliance metrics, key performance indicators (KPIs), and control effectiveness to ensure continuous compliance and security posture improvement.
Training and Awareness:
- Provide IT compliance training and awareness programs to educate employees on policies, procedures, and best practices for data protection and security.
- Foster a culture of compliance and accountability throughout the organization through training sessions and regular communications.
Incident Response and Investigation:
- Assist in incident response activities related to IT compliance incidents, data breaches, and security incidents.
- Conduct forensic investigations, root cause analysis, and remediation efforts to prevent recurrence and mitigate impact.
Compensation:
- Competitive base salary commensurate with experience and qualifications.
- Performance-based bonuses or incentives tied to compliance audit results, risk mitigation outcomes, and program effectiveness.
- Comprehensive benefits package including health insurance, retirement plans, and professional development opportunities.
- Potential for career growth and advancement within the organization based on performance and contributions to IT compliance initiatives.