The Sr. IT Security Compliance Analyst will be responsible for day-to-day activities in implementing the information security and compliance program. The individual will assist in maintaining audit and compliance initiatives to ensure policies, standards, procedures, and audit activities align with the business, IT, and regulatory requirements, including but not limited to SOX and PCI. Success in the role will be measured by the effectiveness of implementing and operating information security and compliance directives.
- Identify, collect, organize, and review pertinent evidence such as user access reviews across multiple platforms and applications to determine compliance with relevant regulatory controls.
- Coordinate the internal and external SOX/PCI audits relative to IT.
- Act as a liaison between Auditors and IT by coordinating requests for information and coordinating responses to any observations.
- Establish and maintain security & controls policies and procedures under applicable regulations.
- Research new security compliance requirements and assist in evaluating compliance control requirements.
- Report security control-related metrics and effectiveness.
- Schedule and lead technical interviews with various stakeholders and leadership.
- Write detailed findings, remediation plans, and obtain supporting documentation.
- Ensure compliance with applicable information security standards and policies.
- Provide IT management guidance on how to re-mediate pertinent action items to ensure ongoing compliance.
- Administer and evaluate risk assessments for vendors and internal systems.
- Effectively manage internal and external auditor requests.
- Ensure timely delivery of completed user access reviews with respective IT security management remediation.
- Ensure issues associated with processes or applications are mitigated with appropriate controls.
- May perform other responsibilities as assigned. Responsibilities and duties may change when circumstances dictate (e.g., emergencies change in workload, rush jobs, or technical developments).
Qualifications
- Bachelor’s degree or equivalent experience.
- 10+ years experience in IT Audit, Information Security, and IT domains such as Governance, Risk, and Compliance, IT operations, incident response, access management, penetration testing, vulnerability scanning, e-discovery & forensics, application development, infrastructure, or technical support.
- One or more of the following: CISSP, CISA, CRISC.
- Previous experience implementing and utilizing a GRC tool.
- Previous Identity and Access Management experience is a plus.
- Working knowledge of applying information security frameworks such as NIST and ISO within an organization.
- Working knowledge of how to apply risk management frameworks within Information Security.
- Excellent written and verbal communication skills.
- Strong experience working with productivity tools such as MS Office.
- Ability to interact confidently with various levels of technical and management positions.
- Possess a broad knowledge of Technical Operations group requirements and activities.
- Must be able to translate theoretical requirements into applicable policies and standards.
- Must be a strong critical thinker.
- Must be able to provide multiple solutions to complex problems.
*Please be advised that you will be asked to complete a required assessment to be considered for this position. This assessment will be emailed to you after you apply. Please be sure to check your Spam folder and/or junk mail if you do not receive it. *
We offer a competitive salary and comprehensive benefits to our team members including medical, dental, STD, LTD, life insurance, 401(k), paid time off, travel benefits and much more. We strive to maintain a professional, yet friendly environment and promote professional and career development for our Team Members.
Overview
At Spirit Airlines, our mission is to deliver the best value in the sky and be the most successful airline on Earth! We are leaders in providing customizable travel options and make it possible for our Guests to venture further and discover more than ever before by serving destinations throughout the U.S., Latin America, and the Caribbean! Imagine making your mark on an organization introducing 100’s of new aircraft that will double our fleet!
- Fly With A Winner: Our constant growth and improvement mean boundless career opportunities. Team Members develop their careers rapidly while building key skills that drive long-term success.
- The Giving Spirit: We are committed to inspiring positive change in the cities where we work and live. That starts with giving back through Corporate Social Responsibility and The Spirit Airlines Charitable Foundation.
- Be Yourself: We want Team Members to feel empowered to bring their whole self to work and contribute to our success – that’s why we’re committed to building progress in the areas of Diversity, Equity, Inclusion and Belonging. Our Spirit Family is strong, not despite our differences, but because of them.
- Travel The World: We offer competitive base salaries with robust health & welfare benefits, including travel & flight benefits for you and your family.
EEOC Statement
Spirit Airlines is an Equal Employment Opportunity employer. All aspects of employment are governed on the basis of merit, competence and qualifications without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or any other category protected by federal, state, or local law.
Req ID: 5499