Information Security Compliance Project Manager (Remote)
We are looking for a Compliance Project Manager to work as a consultant for a B2B high tech company. This position will be responsible for working with the Information Security compliance team in operationalizing CCP (common controls platform) and the Controls Automation cloud security projects for the client. The role includes being engaged in supporting and leading efforts pertaining to key regulations, privacy, and compliance program activities including SOX, Cybersecurity Maturity Model Certification (CMMC), and Cyber Essentials.
This resource should ensure the existence of appropriate security governance within the Compliance Program scope, including environments (policy, procedures, baselines, and monitoring), assessment of required controls, and testing of adherence to required policies, procedures, and monitoring. The position will also be responsible for performing risk assessments and gap analysis exercises while working collaboratively with Functional Business Unit and IT teams to implement required remediation effectively.
This is a 6-month project, 40 hours per week, remote in the US.
This is a W-2 role as a Stage 4 Solutions’ employee; health benefits are offered.
- Perform a gap analysis and implement required controls to meet the company’s Compliance Program requirements in a cloud environment.
- Maintain ongoing oversight of concurrent, company-wide programs and initiatives that impact the Compliance programs. Escalate and resolve risks and issues as required.
- Develop and track towards a Corporate Compliance program roadmap.
- Develop metrics and reporting to demonstrate the compliance status of the compliance program.
- Test for adherence to compliance controls, policies, procedures, and standards.
- Understand testing techniques and be able to communicate test results/findings to various stakeholders or functional managers.
- Prepare for engagement reviews and quality assurance activities.
- Work effectively with remote offshore team on assessments and compliance monitoring activities.
- Assist with integrating compliance requirements into the organization’s processes (e.g., change control, mergers, and acquisitions) and life cycle activities.
- Manage timelines, resources, project plans, action item logs, status reports, and statistics to ensure milestones, goals, and commitments are met; may need to act as a change agent.
- Work closely with both Internal and External audit teams.
- Lead control integration efforts with new or existing systems and supporting architecture.
- Maintain knowledge and awareness of the company and industry changes/developments in order to continually identify and evaluate key business areas, their respective business processes and controls, and their impact on financial reporting.
- 5+ years of Cloud Compliance, Security, or Audit experience with at least 5 years of direct compliance experience across all domains, preferably in a cloud provider environment.
- Experience with a large company and/or Big 4 accounting firm
- Advanced security certifications like CCSP, CISSP, CISM, CISA, preferred
- SAP knowledge and experience highly desired
- ISO27001 is required; HIPAA and PCI experience a plus
- Experience working with or utilizing the RSA Archer eGRC application a plus
- Familiarity with common compliance frameworks such as COBIT, COSO, ISO27001, and industry-recognized guidance such as NIST a plus
- Bachelor’s degree in Computer Science, or related discipline.