IT Compliance Specialist - Remote - €500 a day - 6 months
As an IT Compliance Specialist, you will be part of the data team within the Central Tech department and responsible for supporting IT process owners throughout the business to document, maintain & monitor internal controls in line with our risk appetite and to maintain the quality of our processes.
Key job role:
- Act as a single point of contact for all risk & compliance matters affecting our on-prem data infrastructure (Hadoop)
Operational ticket analysis and resolution related to IT controls.
- Support process and control owners to understand and identify technology risks applicable to (but not limited to) SOX, PCI or GDPR, business continuity etc. and assist them in determining optimal controls (sustainable and right-sized) to mitigate risks.
- Provide stakeholders with cybersecurity or regulatory IT compliance-related risk expertise and knowledge.
- Liaise with other risk and audit teams (TRAC, Risk and Controls, Internal Audit, external auditors, etc.) to support compliance and audit activities affecting the application data services organisation.
Key job role:
- Act as a single point of contact for all risk & compliance matters affecting our on-prem data infrastructure (Hadoop)
Operational ticket analysis and resolution related to IT controls.
- Support process and control owners to understand and identify technology risks applicable to (but not limited to) SOX, PCI or GDPR, business continuity etc. and assist them in determining optimal controls (sustainable and right-sized) to mitigate risks.
- Provide stakeholders with cybersecurity or regulatory IT compliance-related risk expertise and knowledge.
- Liaise with other risk and audit teams (TRAC, Risk and Controls, Internal Audit, external auditors, etc.) to support compliance and audit activities affecting the application data services organisation.
- Provide audit support for SOX controls and PCI assessments with needed walkthroughs, documentation and follow-ups.
- Manage required coordination to close any audit deficiencies identified.
- Coordinate with IT control owners regarding control documentation, testing, evaluation, and necessary remediation.
- Identify potential control weaknesses and support the Risk & Controls team to influence control owners to implement agreed changes in a timely and effective manner.
- Build knowledge of internal IT controls, systems and process landscape to enable a clear understanding of the impact and Lead Initiatives affecting wider organizations.
- Be a "subject matter expert" in different risk and cybersecurity-related domains including familiarity with one or more industry-standard frameworks such as NIST, SOX, and PCI-DSS with advanced knowledge of implementing business resilience.
- Support risk owners to design controls that mitigate any relevant risks all the way through to implementation and monitoring.
- Provide advice on control design that is both sustainable and right sized (i.e. a simple solution for a simple problem, no overengineering).
- Support with SOX audit evidence requests.
- Coordinate new requests from the business functions and units for support with controls.
- Participate in sprint planning sessions from development teams to support risk identification, assessment and treatment during the development lifecycle.
- 5+ years of experience gained within IT risk, compliance, internal controls or audit.
- Working knowledge of SOx regulation and familiarity/working experience with SOX IT. PCI Experience is a plus
Business or IT degree/certificates (CISA, CISM)
- Hands-on experience with large e-commerce or tech companies preferable
- Familiarity with data governance principles and data systems is a plus
- Enthusiastic, self-starting and enjoys change and a dynamic environment
- Able to self-motivate, organise and take responsibility for own workload to ensure that deadlines and objectives are met
- Ability to multitask and prioritise work effectively.
- Fully comfortable working in English, both written and spoken
- Coordinate with IT control owners regarding control documentation, testing, evaluation, and necessary remediation.
- Identify potential control weaknesses and support the Risk & Controls team to influence control owners to implement agreed changes in a timely and effective manner.
- Build knowledge of internal IT controls, systems and process landscape to enable a clear understanding of the impact and Lead Initiatives affecting wider organizations.
- Be a "subject matter expert" in different risk and cybersecurity-related domains including familiarity with one or more industry-standard frameworks such as NIST, SOX, and PCI-DSS with advanced knowledge of implementing business resilience.
- Support risk owners to design controls that mitigate any relevant risks all the way through to implementation and monitoring.
- Provide advice on control design that is both sustainable and right sized (i.e. a simple solution for a simple problem, no overengineering).
- Support with SOX audit evidence requests.
- Coordinate new requests from the business functions and units for support with controls.
- Participate in sprint planning sessions from development teams to support risk identification, assessment and treatment during the development lifecycle.
- 5+ years of experience gained within IT risk, compliance, internal controls or audit.
- Working knowledge of SOx regulation and familiarity/working experience with SOX IT. PCI Experience is a plus
Business or IT degree/certificates (CISA, CISM)
- Hands-on experience with large e-commerce or tech companies preferable
- Familiarity with data governance principles and data systems is a plus
- Enthusiastic, self-starting and enjoys change and a dynamic environment
- Able to self-motivate, organise and take responsibility for own workload to ensure that deadlines and objectives are met
- Ability to multitask and prioritise work effectively.
- Fully comfortable working in English, both written and spoken
IT Compliance Specialist - Remote - €500 a day - 6 months
...
