Risk & Compliance Analyst / Auditor
Jacksonville, FL, US, 32244
Requisition #: 19597
Functional Area: Audit/Risk/Compliance
Employment Type: Full-Time
Work Options: Remote / Work from Home in the US #LI-Remote
Work Hours: Standard business hours
Position Summary
The Information Security Risk Analyst position is responsible for assisting the Sr. Data Security Manager with evaluating conformance to data security standards and enforcing corporate data security and privacy controls. This position is part of the Risk & Compliance team, segregated from business units such as IT and others which control Company services in order to maintain objectivity in its audit oversight role.
The Risk & Compliance department provides support in the areas of Enterprise Risk Management, Data Security Compliance, Intellectual Property Protection, Contract/Legal Review and Records & Forms Management.
This position is able to work 100% remote, onsite at our corporate headquarters in Neenah, WI, or in a hybrid capacity.
Job Responsibilities
- Responds to customer written and verbal requests for detailed information about J. J. Keller’s security and privacy strategy and implementation.
- Analyzes reports of security incidents and prepares tactical and strategic actions required to respond; assists with analysis of incidents to determine root cause.
- Evaluates suitability of security measures and controls to protect organizational data from unauthorized access, disclosure, modification or destruction; recommends improvements.
- Conducts internal audits of administrative and technical controls to assess compliance with data security and privacy policies, procedures, standards, and/or regulations. Completes audit documentation.
- Provides consulting to business units on interpretation of audit results, adequacy of proposed remediation of control gaps, and recommendations for overcoming shortfalls.
- Assists in updating the information security management system risk model to manage cyber risks associated with business activities and technical implementations.
- Collaborates with IT Infrastructure team on monitoring security services provided by outside vendors (IDS/IPS/SIEM, reviews of developed code, vulnerability scanning, and annual penetration test).
- Assesses data security and privacy practices of new company vendors; regularly reviews practices of existing vendors to ensure company requirements are being met.
- Advises Contracts team on data security and privacy language included in proposed customer and vendor contracts.
- Keeps up-to-date with changing trends in customer requirements, technology, security, and compliance, along with knowledge of Company services, the infrastructure on which they run, and the hardware and software supported. Advises company leadership on emerging trends and potential impact on the company.
- Administers the AuditBoard auditing system for Risk & Compliance and other company users; performs system configuration, user training, and consultation.
- Carries out responsibilities in a fair, ethical and non-discriminatory manner.
Qualifications
Experience:
- Experience working with information security and performing audits.
- Investigating data security incidents and asking probing questions.
- Knowledge of one or more of the following: NIST Cybersecurity Standard and ISO 27001:2022; 18 CIS Critical Security Controls; privacy laws including GDPR, CCPA and US States.
- Experience with risk assessment and vulnerabilities.
Education:
- Bachelor’s Degree in Business or Technology related field with a focus on information security.
- Desired Certifications: CISSP, CISA, CIA, CRISC, CISM, GIAC, or CEH.
Other Skills/Qualifications:
- Knowledge of information security technology, disaster recovery and business continuity planning, cloud technologies, firewalls, intrusion detection systems, data loss protection, identity and access management, anti-malware, and SIEM technologies.
- Must be effective in working across organizational boundaries to build a case for change and work with others to execute the change.
- Enhanced organizational and prioritization skills.
- Ability to work independently and meet deadlines.
- High attention to detail and strong analytical mindset.
Benefits
- Medical / Dental / Vision Insurance
- Annual Reviews, Merit Increases + Quarterly Bonus Program
- 401(k) with Employer Match
- Annual Profit Sharing
- 17 PTO Days + 8 Paid Company Holidays + 1 Paid Floating Holiday
- Work/Life Balance & Flex Time
- Annual Learning & Development Subscriptions
- Free Onsite Wellness Clinic for those associates near our corporate office + free telehealth coverage for all associates regardless of where you live
- Free access to FLEX by Fitness on Demand providing 24/7 access to online workout videos
- Strong company culture that fosters internal growth and development
- Computer Equipment Provided for Home Office
We Protect People & The Businesses They Run™
Every associate at J. J. Keller makes a difference by creating safer, more respectful workplaces. Whether serving our customers directly with expertise in safety and regulatory compliance or supporting the business with specialized skills, together we contribute to better workplaces for people across North America.
J. J. Keller History: November 1, 2023, marked 70 years of business for J. J. Keller & Associates, Inc. Click HERE to take a tour through three generations of this family-owned business – from our founding as a one-man consulting firm through decades of delivering on our purpose of protecting people and the businesses they run.
J. J. Keller Career Stories: Click HERE to hear from our associates about what they have to say about life as an associate at J. J. Keller.
J. J. Keller Earns 8th Great Place to Work Certification™: Click HERE to find out what makes J. J. Keller great.
J. J. Keller Certified as a Top 100 Most Loved Workplace® in America: Click HERE to find out why our associates LOVE working at J. J. Keller.
2024 Top Company for Women to Work for in Transportation: Click HERE to learn more about this prestigious recognition.
J. J. Keller provides a competitive benefit package which includes the following (eligibility requirements apply): Medical, Dental, and Vision Insurance, 401(k) and Profit Sharing Plan, etc. The compensation range for this role is $70,000.00 to $81,000.00 which varies depending on factors including, but not limited to, a candidate’s overall experience and geographic location. Note that J. J. Keller is not currently recruiting employees to work in California.
If you experience system-related issues or need assistance with the online application, please call (920) 720-7700.
Professional Referral Program: Not the right role for you, but know someone who could be a great fit? Click HERE to refer them to us through our Professional Referral Program and you will earn a cash payment if your referral is hired.
J. J. Keller & Associates, Inc. is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.
Experience: 3 years