IT Compliance Auditor – ClubCorp Systm – Dallas, Texas 155419


The IT Compliance Auditor is primarily responsible for performing day-to-day IT compliance audits with a focus on Sarbanes-Oxley, PCI and other regulatory frameworks. This position reports to the IT Compliance Manager.

This position partners closely with IT teams, internal and external auditors, and other business partners to ensure that required IT SOX and IT General Controls are adequately performed.

Responsibilities:


  • Assist with remediation of control deficiencies and gaps identified during the audit process
  • Proactively identify gaps or conflicts in existing processes and help develop solutions with the stakeholders
  • Facilitate third party attestations, audits (PCI-DSS, CCPA/GDPR and SOX), and certification efforts for the organization
  • Assist process/control owners with the design/implementation of controls and related documentation (e.g., policies, procedures, narratives, and matrices)
  • Work closely with both technology and business process owners to identify, document, and implement processes to address areas of key risks
  • Ensure that all PCI-DSS, CCPA/GDPR and SOX controls are implemented, documented, and monitored through the course of the year
  • Establish processes to support the controls and ensure that control self-assessments are conducted promptly with required completeness and accuracy
  • Support the Risk & Compliance team to implement processes and controls to ensure the company’s compliance with other regulatory and industry mandates such as GDPR and CCPA
  • Participate in identifying and validating critical controls to address IT and business risks and work with various teams to address identified deficiencies
  • Participate in audits of third parties such as vendors, services providers, consulting organizations, etc.
  • Ensure that appropriate documentation in the form of policies, standards, and procedures is created and managed to support the various security, compliance, and audit requirements
  • Provide guidance and support to IT and business to ensure continued compliance with the various mandates
  • Endorse and support a compliance culture whereby employees are encouraged to seek clarifications and support for the company’s compliance initiatives
  • Participate in and provide input to annual risk assessments, in-scope systems analysis, and coordination of the testing approach.
  • Participate in IT SOX walkthroughs to identify potential changes and control gaps and conduct IT SOX controls testing to evaluate the design and operating effectiveness of controls in accordance with established procedures.
  • Provide input to periodic progress reporting including status of overall testing progress, open control deficiencies, and assist with escalation when deficiencies are not remediated in a timely manner.
  • Coordinate with IT personnel across the organization to implement required controls and ensure that process is followed to maintain appropriate evidence as required by the specific control.
  • Identify risk and control gaps and partner with the IT department to ensure internal control guidelines exist in ClubCorp systems and applications to ensure compliance with IT related audits.
  • Responsible for working with process owners and external auditors to facilitate the execution of management’s annual internal controls assessment in accordance with IT related audits
  • Responsible for tracking and monitoring IT remediation efforts
  • Perform or assist with overseeing initial and periodic audits/analysis, mitigation, and remediation

Qualifications:

– 3-5 years’ experience in an information security compliance, audit, or risk management role with hands-on experience in a multitude of compliance initiatives including but not limited to:
    – PCI-DSS
    – EU-GDPR, CCPA
    – SOX

– Experience with developing and implementing automation for controls and compliance is preferred

– Strong analytical and problem-solving skills with the ability to function as a change agent

– Demonstrated experience working in a high-paced, multi-tasking environment

– Understanding of security metrics and creation of useful dashboards for management review and consumption

Knowledge/Skills/Abilities:

– Attention to detail and strong communication, analytical and decision-making skills are a must

– Experience in implementing and utilizing compliance frameworks such as COBIT, PCI-DSS and ISO 27001, etc.

– Thorough understanding of SOX, GDPR, and the California Consumer Privacy Act (CCPA)

– Familiarity with a broad range of IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption and key management, logging and monitoring, and application security

– Familiarity with cloud-based environments and technologies with associated auditing methodologies

– Excellent documentation and communication skills

– Prior experience as a Big4 auditor preferred

 
