IT Compliance Auditor – ClubCorp Systm – Dallas, Texas 155419


The IT Compliance Auditor is primarily responsible for performing day-to-day IT compliance audits with a focus on Sarbanes-Oxley, PCI and other regulatory frameworks. This position reports to the IT Compliance Manager.

This position partners closely with IT teams, internal and external auditors, and other business partners to ensure that required IT SOX and IT General Controls are adequately performed.

Responsibilities:

  • Assist with remediation of control deficiencies and gaps identified during the audit process
  • Proactively identify gaps or conflicts in existing processes and help develop solutions with the stakeholders
  • Facilitate third-party attestations, audits (PCI-DSS, CCPA/GDPR and SOX), and certification efforts for the organization
  • Assist process/control owners with the design/implementation of controls and related documentation (e.g., policies, procedures, narratives, and matrices)
  • Work closely with both technology and business process owners to identify, document, and implement processes to address areas of key risks
  • Ensure that all PCI-DSS, CCPA/GDPR and SOX controls are implemented, documented, and monitored through the course of the year
  • Establish processes to support the controls and ensure that control self-assessments are conducted promptly with required completeness and accuracy
  • Support the Risk & Compliance team to implement processes and controls to ensure the company's compliance with other regulatory and industry mandates such as GDPR and CCPA
  • Participate in identifying and validating critical controls to address IT and business risks and work with various teams to address identified deficiencies
  • Participate in audits of third parties such as vendors, service providers, consulting organizations, etc.
  • Ensure that appropriate documentation in the form of policies, standards, and procedures is created and managed to support the various security, compliance, and audit requirements
  • Provide guidance and support to IT and business to ensure continued compliance with the various mandates
  • Endorse and support a compliance culture whereby employees are encouraged to seek clarifications and support for the company's compliance initiatives
  • Participate in and provide input to annual risk assessments, in-scope systems analysis, and coordination of the testing approach.
  • Participate in IT SOX walkthroughs to identify potential changes and control gaps and conduct IT SOX controls testing to evaluate the design and operating effectiveness of controls in accordance with established procedures.
  • Provide input to periodic progress reporting, including status of overall testing progress and open control deficiencies, and assist with escalation when deficiencies are not remediated in a timely manner.
  • Coordinate with IT personnel across the organization to implement required controls and ensure that the process is followed to maintain appropriate evidence as required by the specific control.
  • Identify risk and control gaps and partner with the IT department to ensure internal control guidelines exist in ClubCorp systems and applications to ensure compliance with IT related audits.
  • Responsible for working with process owners and external auditors to facilitate the execution of management's annual internal controls assessment in accordance with IT related audits
  • Responsible for tracking and monitoring IT remediation efforts
  • Perform or assist with overseeing initial and periodic audits/analysis, mitigation, and remediation

Qualifications:
- 3-5 years’ experience in an information security compliance, audit, or risk management role with hands-on experience in a multitude of compliance initiatives including but not limited to:
  - PCI-DSS
  - EU-GDPR, CCPA
  - SOX
- Experience with developing and implementing automation for controls and compliance is preferred
- Strong analytical and problem-solving skills with the ability to function as a change agent
- Demonstrated experience in working in a high-paced, multi-tasking environment
- Understanding of security metrics and creation of useful dashboards for management review and consumption

Knowledge/Skills/Abilities:
- Attention to detail and strong communication, analytical and decision-making skills are a must
- Experience in implementing and utilizing compliance frameworks such as COBIT, PCI-DSS and ISO 27001, etc.
- Thorough understanding of SOX, GDPR, and the California Consumer Privacy Act (CCPA)
- Familiarity with a broad range of IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption, and key management, logging and monitoring and application security
- Familiarity with cloud-based environments and technologies with associated auditing methodologies
- Excellent documentation and communication skills
- Prior experience as a Big4 auditor preferred  
