We have an immediate requirement for an IT Compliance Specialist with our client in Auburn Hills, MI.
The Client Compliance Specialist will be a member of the team ensuring IT compliance practices are being implemented and followed at Client. The candidate should have a thorough understanding of SOX IT General Controls, Application Level Controls (ALC) and Data Privacy regulations.
- Coordinate and assist with testing and evaluating IT systems and controls for SOX compliance.
- Make recommendations for enhancement of IT system controls and process improvements.
- Guide the project teams on IT risk and control / compliance requirements for new systems.
- Develop and foster effective working relationships within IT, Key Business Partners, Corporate Audit, Legal, GCA, ICFR, External Audit and Compliance personnel and ensure timely and complete communication is provided.
- Support Vendor Risk Assessment reviews.
- Participate on the Global client SOX and Data Privacy teams.
- Support review of adherence to the European Commission General Data Protection Regulation (GDPR).
- Support Privacy by Design (PbD) projects as appropriate.
- Promote data privacy awareness events and Privacy Advocate development.
- Support data privacy management – data inventory, data flow diagrams, identifying databases and servers where PII is stored.
- Work with business owners, client support, and Info Sec to understand processes for access to applications/systems processing/storing PII.
- Manage Remediation/Process Improvements – remediation activities from audits and other assessments, Privacy Awareness Training, maintain checklists, support client Security initiatives, data privacy statements, leverage other tools for privacy governance/compliance/analysis, and coordination of privacy events.
- Perform Privacy Impact Assessment (PIA) / Data Privacy Impact Assessments (DPIA).
- Provide support to Corporate Audit – Privacy Shield and Vendor/Internal assessments.
- Collaborate with Legal and Procurement to develop and implement a process to administer GDPR requirements to the existing supplier base.
- Collaborate with InfoSec to conduct detailed vendor risk assessment via review of the Privacy Questionnaire completed by the vendor. Assess the adequacy of the vendor’s privacy practices, identify and report any gaps or risks to relevant business stakeholders.
- Assist in the identification, implementation, and maintenance of organization information privacy policies and procedures.
- Assist in addressing questions and providing guidance, with respect to data handling practices, to business owners and client support.
- Bachelor's Degree preferred
- Two to four years of experience in IT Audit/Compliance, and/or security/privacy operations
- In-depth knowledge of business processes as well as process controls and risks, with an understanding of how this relates to the IT environment and audit procedures.
- Certified Information Systems Auditor (CISA) is preferred
- Managed IT general computing controls risk / SOX / compliance process including updates to the annual testing, test execution, review of test results, recommending solutions to gaps and addressing gaps with control owners
- Knowledge of commonly used concepts, practices, procedures and standards such as COBIT.
- Excellent Microsoft Excel, Visio, G Suite skills
- Strong organizational, time management and communication skills
- Must be able to work effectively with individuals at all levels in the organization
- Medical, Dental and Vision benefits, which start immediately upon hire.
- 401K Retirement Savings Plan
- 10 Paid Holidays
- 10 Paid Vacation Days annually
- Flexible spending
- Long-term and Short-term disability insurance
- Life and AD&D insurance