Information Security Risk and Compliance Auditor

Kraft Group - Foxborough, MA

posted 2 months ago

Full-time - Mid Level
Foxborough, MA
Food Manufacturing

About the position

The Information Security Risk and Compliance Auditor at Kraft Group LLC is responsible for developing and implementing programs, policies, and practices to ensure compliance with industry and government regulations. This role involves collaboration with various internal departments to enhance security awareness, assess compliance, and support remediation efforts for non-compliant areas.

Responsibilities

  • Establish and manage a compliance calendar for training and attestations.
  • Identify and coordinate the delivery of IT security training and awareness for both technical and non-technical audiences.
  • Document and communicate policies and procedures related to IT security and risk management to key stakeholders.
  • Establish and maintain a repository of policies and procedures for internal use.
  • Leverage organizational risk assessments to improve IT security and compliance processes.
  • Collaborate with external partners on ad hoc risk assessments focusing on specific areas of concern.
  • Document and archive vendor risk assessment reviews and attestations.
  • Partner with business unit leadership on compliance standards and regulations such as PCI DSS, EU GDPR, and FDA CFR.
  • Act as an advisor on specific security requirements and their impact on business processes.
  • Assist in data protection program initiatives and communicate identified security risks to relevant parties.
  • Provide monthly reports on compliance activities and remediation efforts to key stakeholders.
  • Remain current in security practices and IT security regulatory compliance.

Requirements

  • Bachelor's degree in information technology, management information systems, or business administration.
  • 3 or more years of experience in information security, governance, IT audit, or risk management.
  • Strong understanding of security governance, compliance, and risk management principles.
  • Analytical ability to assess risks and adequacy of controls.
  • Strong written and verbal communication skills with all levels of management.
  • Ability to manage multiple tasks concurrently.

Nice-to-haves

  • CISA or similar certification.
  • CISSP or CISM certification preferred.
  • CobIT or related IT audit experience preferred.
Job Description Matching

Match and compare your resume to any job description

Start Matching

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service