The Compliance Analyst I is responsible for audit support and assistance of compliance monitoring for the information security and compliance program and working within the framework of established operating procedures to audit and monitor core security technologies used to protect network and information assets. Main responsibilities would include control mapping and process/procedure documentation with a heavy emphasis on HIPAA, PCI, SOC and other regulations, as required. Entry level knowledge of information security concepts and technologies such as networking, data loss prevention, cloud services, mobile devices, etc. is preferred as well as some experience with security frameworks such as ISO 27001, NIST and COBIT.

How you will contribute:

• Work with other IT personnel to assist in meeting compliance with applicable regulatory standards and compliance frameworks including HIPAA/HITECH, PCI, FISMA, GLBA, FDICIA, GDPR, NIST and others as required

• Working within established operating procedures, assist with audit & monitoring compliance for IT Security to include firm access, IT Administrative Access, IT Procedures, SOC Compliance, and Security Risk Assessment audit work

• Address Client Due Diligence Requests

• Review reports from other teams for compliance efforts (physical access review, backup restore results, etc.)

• Assist with the creation and management of the IT Security Audit Plan

• Assist in the implementation of the overall security strategy, policies, and procedures

• Participate in incident response procedures and activities as needed

• Assist with annual Forvis Mazars IT Security Risk Assessment

• Assist with the design and implementation of security awareness materials and information security training

• Maintain current knowledge of applicable federal and state privacy and security laws and accreditation standards, and monitor advancement in information security technologies to ensure organizational adaption and compliance

We are looking for people with Forward Vision and:

• Strong analytical, conceptual, and problem-solving abilities

• Ability to communicate ideas in both technical and business language

• Team oriented and skilled in working within a collaborative environment

• Strong written and verbal communication skills

• Ability to prioritize and execute tasks in a high-pressure environment

• Strong organizational skills, including the ability to meet deadlines and follow written policies and procedures

Preferred Qualifications:

• Bachelor's degree in a related field

• 0-3 years of information security audit/compliance experience

• 3 or more years of experience in a previous role or position of a similar nature having demonstrated moderate level skills as an analyst

• Relevant security analytic certifications such as Certified Information Systems Auditor (CISA) or Certified in Risk and Information Security Controls (CRISC)

• Knowledge of security and risk frameworks, standards, and best practices (i.e., PCI, HIPAA, ISO, NIST, COBIT, ITIL, etc.)

• Familiarity with regulatory requirements (e.g., GLBA, HIPAA, PCI, SOX, etc.)

• Experience conducting audits