We are looking to hire a dynamic Information Security Compliance Analyst to join MSX’s Global Information Security and Compliance team, reporting to the Head of Information Security and Compliance.
This position will serve as a subject-matter expert on information security and compliance initiatives. The candidate will work with internal and external stakeholders, as well as customers, to implement and manage a strong integrated security and compliance posture in addition to serving as a consultant to the business on IT privacy and security controls design and implementation.
Responsibilities:
- Builds, implements, and manages MSX’s Information Security Management System’s compliance using frameworks that include CIS, TISAX, NIST CSF, GDPR, LGPD, CCPA, and other applicable regulatory best practices
- Provides guidance, governance, and assurance on infosecurity related activities, events, and alarms
- Conducts vendor, asset, program, and processing activity risk reviews using OneTrust and serves as System Administrator for OneTrust (Governance, Risk, and Compliance platform)
- Participates in vendor Quarterly Business Reviews (QBRs)
- Assists with completing Requests for Proposal and Requests for Quotation with a focus on privacy and security topics
- Creates guides, documents, and analyzes data using a wide variety of data sources and tools
- Responds to requests on Information Security and Privacy policy, processes, and best practices
- Manages ServiceNow incidents related to ISC Compliance Requests
- Builds and maintains strong relationships with internal stakeholders, customer business contacts, and IT vendors
- Raises Information Security and Privacy awareness across the organization through training, presentations, and written articles