Sedgwick
Location
Fayetteville, NC | United States
Job description
Taking care of people is at the heart of everything we do, and we start by taking care of you, our valued colleague. A career at Sedgwick means experiencing our culture of caring. It means having flexibility and time for all the things that are important to you. It’s an opportunity to do something meaningful, each and every day. It’s having support for your mental, physical, financial and professional needs. It means sharpening your skills and growing your career. And it means working in an environment that celebrates diversity and is fair and inclusive.
A career at Sedgwick is where passion meets purpose to make a positive impact on the world through the people and organizations we serve. If you are someone who is driven to make a difference, who enjoys a challenge and above all, if you’re someone who cares, there’s a place for you here. Join us and contribute to Sedgwick being a great place to work.
Great Place to Work®
Most Loved Workplace®
Forbes Best-in-State Employer
IT Compliance Specialist
PRIMARY PURPOSE : To advance the IT Compliance program including coordinating and reporting of the work; to represent Sedgwick IT with specialized knowledge of IT Compliance activities and standards to clients, carriers and external stakeholders.
ESSENTIAL FUNCTIONS and RESPONSIBILITIES
Responds to client and carrier IT risk assessments and audit requests in a timely manner.
Assists in ensuring the ongoing compliance within the IT organization to the ISO 27001:2013 standard.
Collaborates with solution control owners to assess compliance against the controls.
Identifies gaps/actions in cases of non-compliance and collaborates with solution owners to design and implement the appropriate controls.
Tracks compliance action items, verifies evidence, and ensures all actions are closed on a timely basis and in compliance with the control.
Tracks monitoring activities to ensure all activities are closed on a timely basis; ensures non-compliance items have action items created and are tracked to completion.
Performs project management duties in the planning, scheduling, coordinating, reviewing and reporting of IT compliance activities; provides knowledge in IT compliance standards and performance criteria.
Collaborate with security teams and business leads to evaluate vendors IT Security Controls and ensure Vendor is Tiered correctly.
Communicate with vendors, conduct risk assessments and evaluate assessments and or questionnaires in a timely manner
Facilitate opportunities to improve efficiencies in automating and advancing vendor onboarding processes
Identify Gaps in Information Security Controls and work with the business to ensure the vendor remediates the risk timely.
ADDITIONAL FUNCTIONS and RESPONSIBILITIES
Performs other duties as assigned.
Supports the organization's quality program(s).
Travels as required.
QUALIFICATIONS
Education & Licensing
Bachelor's degree in a computer related field from an accredited college or university preferred. Major in information systems or computer science preferred. At least one of the following credentials preferred: Certified Internal Auditor (CIA), Certified Information System Security Professional (SSCP), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Auditor (CISA) designation.
Experience
Six (6) years of years of information technology, accounting or closely related industry experience or equivalent combination of education and experience required to include two (2) years project management and/or experience in a team environment. Experience with OneTrust and Service now TPRM modules. Experience and understanding of various US and International regulatory requirements and laws such as PCI, SOX, HIPAA, HITRUST, GDPR and GLBA. Experience in working with and reviewing industry standard security reports such as ISO, SOC, CSAIQ, etc
Skills & Knowledge
Understanding of internal control and data security concepts and their applications
Proficient knowledge of IT risk management, risk mitigation, data protection and security, and investigation procedures
Knowledge of basic system architecture concepts and processes
Creative and analytical approach to problem solving
Excellent oral and written communication skills, including presentation skills
PC literate, including Microsoft Office products
Analytical and interpretive skills
Strong organizational skills
Excellent interpersonal skills
Ability to create and complete comprehensive, accurate and constructive written reports
Ability to work in a team environment
Ability to meet or exceed Performance Competencies
WORK ENVIRONMENT
When applicable and appropriate, consideration will be given to reasonable accommodations.
Mental : Clear and conceptual thinking ability; excellent judgment, troubleshooting, problem solving, analysis, and discretion; ability to handle work-related stress; ability to handle multiple priorities simultaneously; and ability to meet deadlines
Physical : Computer keyboarding, travel as required
Auditory/Visual : Hearing, vision and talking
The statements contained in this document are intended to describe the general nature and level of work being performed by a colleague assigned to this description. They are not intended to constitute a comprehensive list of functions, duties, or local variances. Management retains the discretion to add or to change the duties of the position at any time.
Sedgwick is an Equal Opportunity Employer and a Drug-Free Workplace.
If you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, consider applying for it anyway! Sedgwick is building a diverse, equitable, and inclusive workplace and recognizes that each person possesses a unique combination of skills, knowledge, and experience. You may be just the right candidate for this or other roles.
Taking care of people is at the heart of everything we do. Caring counts
Sedgwick is a leading global provider of technology-enabled risk, benefits and integrated business solutions. Every day, in every time zone, the most well-known and respected organizations place their trust in us to help their employees regain health and productivity, guide their consumers through the claims process, protect their brand and minimize business interruptions. Our more than 30,000 colleagues across 80 countries embrace our shared purpose and values as they demonstrate what it means to work for an organization committed to doing the right thing – one where caring counts. Watch this video to learn more about us. (
Job tags
Salary
