Information Security Compliance Manager Job in Pleasanton, California US

Information Security Compliance Manager

The KPIS Information Security Compliance (ISC) function provides subject matter expertise and staffing from technical, project management, coordination/facilitation/monitoring of security controls, and business consulting perspectives in support of IS Compliance activities. Members of ISC work across a number of compliance-related initiatives to ensure appropriate processes, procedures and controls are adequately designed, implemented, remediated, and/or monitored to meet audit and compliance expectations (e.g., SOX, PCI, HIPAA, Meaningful Use, SAS70/SSAE16, etc.), operating efficiency goals, and other business objectives. The continued evolution of Health Care reform has driven unprecedented changes in the regulatory and compliance landscape within the Health Care industry. In ISC's Monitoring Reporting function you will be responsible for partnering with business and technology constituencies to address these evolving challenges by embedding audit, risk, and compliance management competencies into Corrective Action Plan remediation strategies. The success of this unit requires dedicated professionals who possess the analytical, audit, relationship, and executive summary skills needed to form highly reliable risk management strategies to meet various compliance requirements.

At the Manager level within ISC's Monitoring Reporting unit you will be responsible for corrective action plan (CAP) remediation monitoring, issue identification, risk management, and associated reporting requirements. In addition, you will form highly reliable executive summaries, closure packages, and risk management strategies to meet various audit and compliance requirements. Other activities include ISC reporting, security control evaluation, and on-going monitoring of compliance with other defined control standards. The Manager recommends modifications to established practices and procedures and successfully handles a full range of complex assignments, projects, and system functionality. The Manager educates control owners on internal controls and provides expert consultation on IT security control issues and solutions to mitigate risk, and prepares status reports and analyses for upper management in an accurate, comprehensive and timely manner.

Responsibilities of the ISC Manager include:
- Managing KP's SOX, HIPAA-MU, and PCI compliance efforts, specifically within the IT Security domain
- This position may require leading a team of Process Analysts, Business Analysts and/or Program Managers
- Key activities include designing and reviewing IT control frameworks for SOX, HIPAA, and PCI, and establishing and tracking compliance program plans
- Collaborate with different Business and IT units to implement and sustain SOX, HIPAA, and PCI compliance programs
- Maintain an in-depth understanding of the broad regulatory landscape impacting KP business and IT areas. Remain current with emerging regulatory sentiments as well as solution trends in the marketplace. Understand the impact of laws and regulations on KP systems and technology.
- Work with client organizations within KPIT to ensure remediation efforts address noted deficiencies in a complete and organizationally appropriate manner, given organizational control policies and standards. This will require monitoring and coordination across a wide range of KP organizations, internal and external to KPIT.
- Ensure databases/spreadsheets/CAP reporting systems accurately and promptly reflect the status of all identified CAPs.
- Ability to perform risk/security assessment studies to validate remediation approaches. Competent in performing interviews, documenting design assessments and walkthroughs of key controls (both new and existing).
- Exhibit pragmatism in advising clients on process remediation and implementation strategies, defining work tracks, and submitting assessment findings and recommendations.
- Ensure remediation solutions are sustainable, measurable, and defensible, so that compliance requirements continue to be maintained over time.
- Develop and nurture trusted relationships with Business Partners, KPIT Leaders, IT Compliance Leaders, Security Compliance Officers and other Compliance Team Members to gain consensus approvals on strategies, recommendations, findings, project plans, etc.

Qualifications:

Basic Qualifications:
- Bachelor's degree in a related field required; Master's degree in Computer Science, IT or IS preferred.
- 10 years of technology risk management experience (e.g. Audit, Compliance, etc.) in a highly regulated industry. This would include the following disciplines:
  o Current information security and compliance vendor landscape
  o Control frameworks such as COSO, COBIT, ITIL, etc.
  o Regulatory knowledge, in particular HIPAA, SOX, Meaningful Use, SAS70/SSAE16, and PCI-DSS
- Candidate should demonstrate versatility with a track record of experience in interpretation and application of a broad spectrum of regulatory imperatives.
- Excellent written and verbal communication skills.
- Strong client relationship focus with internal and external business partners. Ability to manage and defuse conflict, and to maintain productive working relationships with a diverse body of clients.
- Ideal candidate has a strong track record of influence in very large, consensus-driven organizations.
- Candidate can function effectively both as a manager and as an individual contributor.
- Solid understanding of Enterprise Risk Management and Strategy frameworks as well as understanding of the current enterprise threat scenario as related to healthcare.
- The qualified candidate should be a self-starter and a leader with excellent oral and written communication skills and problem-solving skills, and should have the ability to bring different teams together.
- In-depth knowledge of IT Audits and Compliance (SOX, PCI, HIPAA, etc.)

Preferred Qualifications:
- Certified Information Security Auditor/Manager (CISA/M) designation or CISSP.
- Experience in internal consulting and customer account management; defining engagement scope, negotiating commitments, gathering requirements, defining deliverables, designing integrated solutions, and overseeing technical implementations considered a plus.
- Proven experience proposing enterprise-level solutions to mitigate the risk of receiving a material weakness in IT general controls.
- Experience with process improvement methodologies (e.g. Six Sigma, etc.)
- Significant IT Audit experience.