Who We Are
Artmac Soft is a technology consulting and service-oriented IT company dedicated to providing innovative technology solutions and services to customers.
Job Description
Job Title: Senior Regulatory Compliance Analyst - SOX, PCI, and Cloud Security
Job Type: C2C
Experience: 7-13 Years
Location: Atlanta, New York
Required Experience And Skills
- Minimum of 3-6 years of relevant experience in compliance and regulatory assessments.
- Strong understanding of regulations, internal controls, and compliance frameworks.
- Familiarity with project management practices and techniques.
- Excellent interpersonal, critical thinking, and time management skills.
- Proficient verbal and written communication skills.
- Ability to work collaboratively in a team environment.
- Certifications (at least one or more of the following): CISA, CISM, ISO 27001 Lead Auditor, Google Cloud Security Professional (GCP).
- Preferred experience with cloud environments and understanding of how SOX applies to those settings.
Responsibilities
- Conduct Gap Assessments and Regulatory Compliance Assessments to identify areas of improvement and develop mitigation measures or additional controls for organizational assets in alignment with SOX, PCI, and other standards.
- Ensure compliance with all applicable policies, regulatory requirements, and standards.
- Lead the SOX onboarding process and compliance assessments (a minimum of 3 years of experience in this area is required).
- Evaluate and assess PCI standards compliance (a minimum of 3 years of experience in PCI standards assessment is required).
- Collaborate with process owners to identify and understand new business processes or changes to existing processes, including creating process narratives and related flowcharts.
- Identify and document key controls, ensuring that controls are met and compliant across all applications.
- Implement procedures for company-wide adherence to SOX, PCI, ISO 27001, and other compliance programs.
- Develop audit reports on the implementation status for applications and controls in scope.
- Collaborate with Application teams to bring applications into scope for SOX compliance, including setting up and reviewing audits and baseline audits.
- Understand data flow and architecture to evaluate impacts and define key controls.
- Develop recommendations and support the implementation of those recommendations by coordinating with respective system owners.
- Follow up on audit recommendations and track remediation efforts.
- Differentiate between SOC1 and SOC2 testing procedures and test cases, ensuring an understanding of applicable environments for SOX compliance.
- Identify controls that are applicable to variable cloud offerings and provide insights on Complementary User Entity Controls (CUECs).
- Assist in remediation of findings by understanding defects and developing appropriate remediation strategies.
- Act as a Subject Matter Expert (SME) to assist application teams with questions to ensure SOX compliance meets regulatory requirements.
Qualification
- Bachelor's degree or equivalent combination of education and experience.