Senior Cybersecurity Compliance Analyst

Security Ames, Iowa Clear Lake, Iowa New York Colorado Illinois Michigan Florida Texas North Carolina Virginia Minnesota Arkansas United States


Description

Senior Cybersecurity Compliance Analyst

 

COMPANY SUMMARY

Since 1992, Kingland's managed solutions have helped data-intensive, highly-regulated clients connect and protect their businesses. Kingland develops and manages enterprise-class software solutions using its Kingland Platform and teams of data and technology experts. Clients in the banking and capital markets, public accounting, insurance, and healthcare industries look to Kingland to create solutions to manage data, risk, compliance, customer insight and more. The Kingland Platform is a highly secure, cloud-optimized software platform that includes enterprise data management, text analytics, artificial intelligence and machine learning, and workflow and compliance management capabilities.

We are a team of talented individuals coming together to creatively solve complex problems, build great software, and deliver confidence to our clients. We strive to embody our core values of authenticity, creativity, excellence, and ownership throughout the workplace and provide our employees with exciting opportunities to grow year after year. With software that helps to ensure fairness, honesty, and transparency on a global stage, we seek people who believe in that mission as well – because we take pride in our reputation for serving our clients like no one else can.

Kingland is growing fast. We believe that each employee serves a vital role to the business and contributes to the success we see year and year again. Kingland is looking for individuals who like to tackle big challenges, want to work on mission-critical solutions, and have a desire to make a difference in the world. Kingland rewards the efforts that are given and treat their employees with appreciation and gratitude. Explore all the ways that quality of work meets quality of life at Kingland, and launch yourself on an exciting new adventure.

POSITION SUMMARY | Senior Cybersecurity Compliance Analyst

As a Senior Cybersecurity Compliance Analyst you will execute a wide range of duties to ensure all best practices related to security and data privacy are being followed at Kingland. A Senior Cybersecurity Compliance Analyst is responsible for working with the Chief Security Officer, internal Kingland teams, as well as external auditors to ensure Kingland's internal policies and standards remain in alignment with the appropriate external industry standards and practices. The ideal candidate has an established background in cybersecurity program management, such as authoring/updating policies and procedures, authoring risk assessment documents, performing audits and assessments, managing cybersecurity issues to completion, or similar experience in the field of cybersecurity program management.

RESPONSIBILITIES AND DUTIES | Senior Cybersecurity Compliance Analyst

  • Advise on updates to security policies, standards, process, and procedures related to Security and Data Privacy
  • Perform an assessment, using the Shared Assessment Framework Shared Control Assessment (SCA), annually to identify areas where Kingland may choose to improve its security and data privacy posture
  • Manage configurations of security compliance management tools, such as ZenGRC
  • Establish, using the Shared Assessment Framework Vendor Risk Management Maturity Model (VRMMM), a maturity rating of the third party risk management program each year
  • Initiate and ensure completion of a Privacy Impact Assessment (PIA) for each project / solution prior to solution deployment
  • Manage the daily workings of the Kingland Data Privacy program, to include configurations of data privacy tools, such as TrustArc
  • Manage the ongoing work efforts of the security compliance team, including alignment to Kingland and department goals, work package and task creation, and assisting Kingland program managers in overall work planning
  • Participate in the Cybersecurity Incident Response Team to employ strategy, standards, processes, and technology to detect, respond, and recover from security incidents and limit occurrence or reoccurrence by using risk-based triage
  • Work with Cybersecurity Operations to ensure security event logs and alerts from installed security solutions and tools are continuously monitored, such as firewalls, IDS/IPS, SIEM, and EDR
  • Perform internal and external vulnerability assessments and recommend remediation actions
  • Review new security initiatives to evaluate risk, and provide mitigation recommendations
  • Maintain knowledge of SOC2, ISO27001, NIST, CIS, and additional frameworks to ensures organizational compliance
  • Manage, support, and participate in internal/external audits
  • Participate in Disaster Recovery and Business Continuity planning and testing
  • Provide mentorship and assistance to junior members of the team, with minor management duties as required
  • Assist with the development and reporting of key performance indicators and data driven metrics related to the information security program
  • Perform risk management activities including impact assessments and risk assessments
  • Apply problem-solving methods, planning techniques, continuous improvement, project management, and analytical tools and methodologies to achieve corporate goals
  • Complete vulnerability management activities including vulnerability analysis and coordinating remediation efforts
  • Conduct third party risk assessments and vendor management to ensure all vendors are vetted, approved, and on-boarded according to defined policy/process, and have proper ongoing oversight to ensure Security and Regulatory compliance
  • Respond to Customer Security Assessments and inquiries while ensuring compliance with Customer Requirements

POSITION REQUIREMENTS | Senior Cybersecurity Compliance Analyst

  • Bachelor Degree or equivalent education, training, and work-related experience required
  • 5+ years of experience in the Information Security field (Risk Management, Audit, Compliance, and/or Security Operations roles)
  • Preferred Certifications: Security+, CISSP, CISM, CISA, OSCP, GSEC, GCIH, GCFE, GNFA, GCIA (not all required)
  • IT Cyber Security experience in a publicly traded and regulated environment to include one more of the following industries: Insurance, Financial Services, Medical
  • Demonstrated knowledge of HIPAA, PCI, SOC2, ISO27000, and NIST Cybersecurity Frameworks
  • Understanding of system, application, and cloud security, systems and network administration, and operating system hardening techniques
  • Experience with HITRUST preferred but not required
  • Solid knowledge of Windows and Linux operating systems, vulnerabilities, and administrative techniques
  • Proficiency in understanding audit principles, separation of duties, continuous monitoring, and defense in depth
  • Understands the following: Industry standard information security concepts, Organizational Change Management, Project Management and Business Analysis
  • Understanding of cloud technologies, computer networking, routing, and switching
  • Demonstrated detailed oriented self-starter and the ability to work independently with limited supervision and limited direction and in collaborative team environments
  • Ability to "wear multiple hats" at once and/or pivot quickly based on business need
  • Ability to balance competing priorities based on risk and criticality and independently develop initiatives
  • Excellent interpersonal, verbal, and written communication skills and the ability to communicate security risk and compliance-related concepts to a broad range of technical and non-technical staff
  • Ability to work with or support senior business leaders to understand business objectives/functions, identify risk factors, and communicate effective mitigation strategies

BENEFITS

Kingland has an awesome suite of benefits that sets us apart from others. We are authentic in our commitment to providing team members an exceptional experience where they feel supported and valued by the Company, in an environment where they are set up for success. We recognize that each individual has unique needs, and our health and welfare, wellness, lifestyle and total rewards benefits are designed for that reason.  Visit Kingland.com/Careers for a listing of the great benefits and perks we have to offer for this position!

 

SALARY RANGE

  • $85,000 - $120,000 Annually  
  • Salary range may be adjusted based on geographical location

 

LOCATION

  • Kingland offers modern office locations in our Ames or Clear Lake, Iowa facilities
  • Remote work locations that may be consider include, but are not limited to, Arkansas, Colorado, Florida, Illinois, Michigan, Minnesota, New York, North Carolina, Texas, and Virginia