Accounting/Auditing, Computers, Software, Law Enforcement, and Security, Research & Development
Senior Security Compliance Analyst
This will be a new position to support CBRE’s Digital & Technology (D&T) Compliance within the Global Cyber Security team. This position will work with Corporate Compliance, Internal Audit and various lines of business as needed. In addition, the position will have responsibilities outlined below.
Assist with ISO assessment and certification efforts
Assist with Security Awareness initiatives, such as, phishing campaigns, annual security awareness training.
Assist with the development, implementation, and enforcement of D&T policies and procedures.
Process and gather audit document requests internally and prepare them for distribution to the requesting audit entity.
Participate in audit walkthroughs and document control activity changes.
Coordinate audit activities i.e., Schedule meetings with control owners, follow-up on documentation requests, manage audit cycle timetables, etc.
Work closely with senior compliance staff to provide support and facilitation where directed.
Coordinate communication between external audit entities and internal D&T staff.
Ensure established controls are communicated, understood, implemented, and tested as appropriate.
Document internal and external audit findings and report on exceptions.
Document and report to management on outstanding issues.
Engage in other related Cyber Security activities as directed by management.
Bachelor's degree in business or related field and 4-6 years of experience.
Requires prior contributor experience participating in at least 2 (two) audits of any type i.e., ISO 27001/27002:2013, SOX, SOC1, SSAE16/18, PCI, HIPPA, etc. covering at least a 2 year period.
At least 3 years’ experience in a service oriented environment.
At least 3 years’ experience in Information technology field.
quires strong self-motivation, business decorum, and a desire to pursue a compliance career.
Requires knowledge and implementation of information technology compliance regulations and standards.
Requires knowledge of general audit lifecycle.
Fluent in Microsoft Office products i.e., Word, Excel, Powerpoint, Sharepoint, etc.
Preference is given to candidates with certifications such as, CISA, CISSP