Principal Compliance Analyst - IT

Job#: 2071482

Job Description:

Apex Systems, a World-Class Technology Solutions Provider, is seeking applicants for the below position on behalf of our client. Please apply if interested and qualified. Please note that only qualified candidates will be contacted.

Position: Principal IT Compliance Analyst

Location: Miami, FL

Duration : Permanent/Direct Hire

Rate Range : $95k-$130k base

Position Overview:

The Principal Analyst, IT Compliance is responsible for developing and documenting strategies that ensure that IT practices adhere to relevant laws, regulations, and industry standards, such as Sarbanes-Oxley (SOX) and Payment Card Industry (PCI) compliance. The Principal Analyst is a trusted advisor to senior management and has a lead role in compliance of applications and infrastructure.

The Principal Analyst is the Subject Matter Expert in compliance, conducts assessments of the most critical areas in the company, and implements controls to mitigate risks related to regulatory requirements. The role will maintain absolute confidentiality of sensitive files, data, and materials accessed, discussed, or observed while adhering to compliance policies and procedures.

Job Functions:

• Research and Innovation: Function as a SME for IT Compliance. Stay abreast of emerging technologies, industry trends, and best practices. Research new tools, frameworks, and methodologies that can enhance solution designs and delivery. Evaluate and recommend appropriate solutions. Develop and communicate technology roadmaps. Review and improve tools, methods, processes, and procedures.
• Regulatory Compliance Assessment: Conduct assessments and oversee assessments conducted by more junior analysts by reviewing evidence demonstrating the organization's compliance with applicable laws, regulations, and industry standards. This includes interviewing stakeholders to ensure compliance requirements are met and understood. Review policies, procedures, and controls to ensure alignment with requirements. The most senior role and decision maker in working with cross functional teams to resolve compliance issues.
• Policy and Procedure Development: Takes the lead in developing, reviewing, and update IT policies, procedures, and standards to address compliance requirements. Reviews and approves documents such as acceptable use policies and data retention policies plans. Represents the department in communicating policies and procedures to stakeholders and executive leadership.
• Compliance Monitoring and Reporting: Lead ongoing compliance activities, track regulatory changes, and prepare reports for management and regulatory agencies. Document compliance findings, issues, and serve as the decision maker for remediation efforts. Conduct impact assessments to determine the impact of regulatory changes and report findings to leadership. Assess compliance-related risks and lead the development of risk mitigation strategies. Stay abreast of regulatory changes and industry developments to ensure compliance programs remain current and effective.
• Internal and External Audits and Reviews: Conduct internal assessments and reviews to evaluate controls effectiveness and identify improvement areas. Review access controls, data protection measures, and security configurations. Lead the response to Internal and External Audits and other stakeholders findings and inquiries, preparing and presenting official documentation where appropriate.
• Vendor and Third-Party Compliance Management (15%): Provide oversight and decision making in vendor selection, assess the compliance of vendors and third-party service providers to ensure they meet all security and regulatory requirements. Oversee audits of third-party service providers and lead the work to resolve vendor issues.
• Training and Awareness (10%): Act as the top expert in compliance policies, standards, and procedures. Provide training and awareness programs to educate analyst team and stakeholders about compliance requirements and best practices.
• Accurate and timely report of time.
• Performs other duties as assigned.

Qualifications:

• Bachelors Degree in Information Security/Cybersecurity, Information Technology, Computer Science, or a related field or equivalent experience required. Master's degree preferred.
• 10 years Working in a compliance role as part of a large Information Technology department documenting and communicating regulatory requirements, standards, policies, procedures and vulnerabilities related to compliance required.
• 10 years Auditor/assessor in a regulatory environment required.
• 10 years conducting assessments specific to PCI an SOX required.
• 10 years applying access controls and IAM principles required.
• 10 years implementing and assessing segregation or separations of duties required.
• 10 years leading compliance the most critical projects required.
• 5 years participating in cross-functional technology teams required.
• 5 years planning and managing large projects required.1 years auditor for IT systems required.
• 1 years in the cruise and/or travel industry preferred.

Knowledge, Skills & Abilities:

• Expert level knowledge of systems architecture and network applications and protocols, configuration, logging, monitoring, and administration to understand impacts on compliance.
• Ability to support a multisite enterprise environment.
• Leads in the field of regulatory and security standards and requirements including PCI, SOX and GDPR.
• Expertise in Cybersecurity frameworks such as NIST CSF.
• Advanced skills in critical thinking, creative problem solving, and root cause analysis with the ability to lead teams through this process.
• Outstanding analytical land attention to detail with exceptional business acumen.
• Ability to manage multiple tight deadlines, prioritize workload and achieve exceptional results.
• Ability to write and review comprehensive and concise technical reports and presentations to be consumed by non-technical individuals.
• Exceptional communication, team building, conflict management, and organizational skills
• Excellent track record of working collaboratively with cross-functional teams to achieve common goals and drive exceptional results.
• Proficiency in MS Office
• Proven ability to quickly learn and teach new technologies and concepts.

Licenses & Certifications preferred:

• CIA-Certified Internal Auditor
• Certified Project Management Professional (PMP)-PMI
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Financial Services Auditory (CFSA)
• CISSSP Certified Information Systems Security Professional
• CITGoogle Cloud Platform Certified IT General Controls Practitioner
• CSOXI Certified Sarbanes Oxley Act Practitioner

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.

Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6 months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.