Compliance And Security Governance Analyst Ii
job description
Overview:
**Synoptek**
We think globally, act locally. As a Managed Services Provider, Synoptek provides world-class strategic IT leadership and hyper-efficient IT operational support, enabling our global client-base to grow and transform their businesses. We are excited to have experienced continuous growth and in keeping with that momentum we are seeking to add talent to our team. When you partner with Synoptek, you engage with an ever-growing, ever-evolving IT organization that provides a high-caliber team, results growth, and clarity.
**Responsibilities**:
**Governance and Security Analyst II**
This is an amazing opportunity to work within one of the fastest growing Managed Services Providers. We are a company with a heart and soul dedicated to the ongoing success and growth of our employees and continued business success of the customers we support. We foster a fun and connected environment with employee benefits extending beyond general compensation and into company sponsored events and an invested culture of learning.
The Governance and Security Analyst II will be responsible for Shepherding an organization through ISO 27001 and SOC 2 Type II compliance audits.
Additionally, this position will support our client delivery efforts as needed. The Governance &
Security Analyst works in partnership with the Chief information Security Officer and Manager of Security and Governance.
**Duties and Responsibilities**
- Identify and manage risks
- Assist with supporting ISO 27001 audits
- Assist with supporting ISO 9001 audits
- Assist with supporting SOC 2 assessments
- Assist with supporting HIPAA requirements
- Contribute to the development of company-wide best practices for IT security
- Stay up-to-date on information technology trends and security standards
- This job description is not designed to be a comprehensive list of the duties and responsibilities required of the employee in this position, as duties, responsibilities, and activities may change at any time with or without notice
Qualifications:
**Education**
- Bachelor’s degree in related field from an accredited college or university
- In lieu of undergraduate degree, the ratio is 1:
1 - meaning one year of college equals one year of work experience and vice versa
- Industry recognized cybersecurity certifications, ISO 27001 Lead Auditor, followed by CISA, CISM, CRISC or equivalent or willingness to gain within 12 months of employment
**Experience**
- Customarily has at least 2 years of experience in an IT audit role;
external audit experience a plus
- Customarily has at least 2 years of industry experience on the internal audit side, either as a consultant on behalf of a client, or directly supporting/running audits in a client role
- Ideally has some exposure to the Managed Service model of IT service delivery
- Ideally has a desire to grow into a client consulting role
**Skills/Attributes**
- ** Synoptek core DNA behaviors**:
- ** Clarity**:
Possesses excellent communication skills, makes a concentrated effort to speak the customers language. Ability to field questions with concise, well-constructed responses
- ** OwnIT**:
Shows integrity, innovation, and accountability in completing daily assignments
- ** Results**:
Solutions focused and driven to resolve conflict quickly and precisely. Proactively looks for opportunities to contribute to the company’s business goals
- ** Growth**:
Willing to learn and ask questions. Constantly looking for new ways to improve yourself. Ability to adapt and grow in a fast-paced environment
- ** Team**:
Embraces both customers and colleagues as team members. Ability to be flexible, respectful, engaged and collaborative
- Ability to help develop internal policies and procedures
- Ability to communicate with team members to identify and engage with process and control owners
- Some understanding of industry leading tools for SIEM, SOC, Antivirus, Antimalware, Endpoint Detection and Response, and Cloud protection tools.
- Some understanding of AWS and/or Azure Some understanding of networking including subnetting, segmentation, and firewalls
**Working Conditions**
We live by the motto ‘work hard, play hard’ and strive to support our employees in both their professional and personal goals. We believe that by hiring the right people, leading process improvement, and leveraging technology, we achieve superior results.
**EEO Statement**
We are proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, veteran status, sexual orientation, gender identity, marital status, pregnancy, genetic information, or any other characteristic protected by law and will not be discriminated against on the basis of disability. It is our intention that all qualified applicants are given equal opportunity and that employment decisions be based on job-related factors.