Sr Security Controls Analyst

Job Description

About Conduent

Conduent delivers mission-critical services and solutions on behalf of businesses and governments creating exceptional outcomes for its clients and the millions of people who count on them. Through people, process and technology, Conduent solutions and services automate workflows, improve efficiencies, reduce costs and enable revenue growth. It’s why most Fortune 100 companies and over 500 government entities depend on Conduent every day to manage their essential interactions and move their operations forward.

 

Conduent’s differentiated services and solutions improve experiences for millions of people every day, including two-thirds of all insured patients in the U.S., 10 million employees who use its HR Services, and nearly nine million people who travel through toll systems daily. Conduent’s solutions deliver exceptional outcomes for its clients including $16 billion in medical bill savings, up to 40% efficiency increase in HR operations, and up to 40% improvement in processing costs, while driving higher end-user satisfaction. Learn more at www.conduent.com.


Job Description

Position Objective
Conduent is a business services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking an experienced Senior Compliance Analyst who has experience evaluating the security and compliance posture of information systems environment. The Compliance Monitoring Center (CMC) focuses on helping the organization look deeper and see further into the security of the environment to help improve and embed controls across the company. The CMC will be responsible for evaluating evidence by combining advanced data analysis and technology tools to offer our clients a sustainable yet high quality and efficient approach to managing their compliance. This Senior Compliance Analyst will be responsible for monitoring the controls environment across the organization against a standard predefined framework.

Job Responsibilities

  • Identify and monitor security controls against the Center for Internet Security (CIS) control framework to ensure compliance.
  • Perform targeted security compliance analysis and reporting by analyzing collecting, analyzing and summarizing information and produce accurate and reliable information for decision making and to support compliance monitoring activities.
  • Prepare and update evidence collection and compliance monitoring evaluation criteria as necessary.
  • Monitor progress of outstanding issues to ensure corrective actions are implemented to cure compliance violations or deficiencies.
  • Assist with the implementation of security controls when compliance issues are identified, if needed.
  • Assist with preparing and distributing periodic reporting. Assist in providing status updates on open compliance issues, assist in conducting investigations and ensure outstanding issues have been resolved in order to close all issues by the stated deadlines.
  • Perform the necessary administrative duties to update the compliance monitoring repository
  • Assist other security operations teams with additional tasks which may include but is not limited to:
    • Assist with the maintenance of the standard procedures for the administration, backup, disaster recovery, and operation of the systems infrastructure.
    • Assist with the maintenance of the technical architecture of the infrastructure systems, along with ensuring all components perform as expected to meet established service-level objectives for system uptime.
    • Assist in the performance routine equipment checks and preventative maintenance. Maintain up-to-date documentation of designs and configurations. Be responsible for new, policy and security compliance testing.
    • Assist with the maintenance of hardware or software revisions, applicable content, security patches, hardening, and documentation.
    • Assist with the deployment of content (policies, signatures, or rules) for the security infrastructure. Coordinate and conduct event collection, log management, event management, and compliance automation.
    • Assist in the response to day-to-day security change requests related to security operations.
    • Assist with the performance of collateral duties and responsibilities for Audit Support of the infrastructure.
  • Perform any other duties as assigned by Conduent management.

Minimum Qualifications

  • 5+ years of related experience within professional services, compliance monitoring, risk management, or IT internal/external audit.
  • Experience in IT controls monitoring for regulatory and compliance requirements like CIS, SOX, HIPAA, HITRUST, SSAE 16 - SOC 1 & SOC 2, PCI compliance – PCI DSS / PA-DSS, NIST, ISO 27001 & ISO 27002.
  • Understanding of business processes, internal control risk management, IT controls and related standards.
  • Experience in PowerPoint, Word, Excel; experience with Visio and MS Project.
  • Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations.
  • Familiarity with security, workflow and collaboration tools such Nessus Tenable, Splunk, Eracent, NNT, SharePoint and ServiceNow (Snow) is a plus
  • Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally.
  • Flexibility to travel up to 20% or as required.

Education

  • B.S. in Accounting Information Systems, Management Information Systems or Computer Science or related field at a minimum is required.

Professional Certifications

  • IT Security Certifications such as CIPP (Certified Information Privacy Professional), CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information System Auditor), CISSP (Certified Information Security Professional) or CISM (Certified Information Systems Manager) is required

Closing

Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by clicking on the following link, completing the accommodation request form, and submitting the request by using the "Submit" button at the bottom of the form. For those using Google Chrome or Mozilla Firefox please download the form first: click here to access or download the form.