Job Expired

JOB DESCRIPTION

IT Risk & Compliance Analysts! Are you ready to be responsible for ensuring the enterprise systems comply with secure development, deployment, and operation standards and best practices for a Fortune 500 company? This requires strong knowledge of security and risk frameworks such as PCI (a must), NIST and COBIT, regulatory requirements such as DSS, Sarbanes Oxley and HIPAA, and industry-standard security solutions such as firewalls, intrusion detection systems, anti-virus software, and data encryption. Additional responsibilities include technical leadership, mentoring, and leading projects. If you have strong skills with a GRC tool such as ServiceNow (our tool) or Archer GRC, you might be out ideal candidate!

Tractor Supply Company (TSCO) is a $6.8 billion growth organization and the largest operator of retail farm and ranch stores in the United States. We are positioned to grow to 2,500 domestic Tractor Store locations from our current 1,600+ stores in 49 states, and we boast a cutting edge e-commerce website at TractorSupply.com. During this exciting time, we are seeking talented people who want to join our superb team members in embracing our mission and values as we soar forward.

Essential Duties and Responsibilities

Serves as an internal information security consultant to the organization.
Provides direct training and oversight to all employees, alliances, or other third parties, ensuring proper information security clearance in accordance with established organizational information security policies and procedures.
Liaise with Internal Audit for remediation of IT audit findings; track and report on security-related issues.
Ensures all regulatory requirements are met such as PCI and SOX.
Maintains and implements information security policies and procedures for the organization.
Initiates, facilitates and promotes activities to create information security awareness within the organization.
Monitors compliance with information security policies and procedures, referring problems to the appropriate department manager.
Works with internal and external auditors to perform information security risk assessments.
Develops key metrics to measure effectiveness of the information security program.

Job Requirements

Qualifications

Bachelor’s degree in computer science or related field, or equivalent education and work experience.
6 – 9 years of combined systems and/or security administration experience.
Security certifications preferred.
Knowledge of network administration/protocols and application security is preferred.
Strong skills with high level of proficiency with security frameworks such as ISO, NIST and COBIT.
Strong understanding of regulatory requirements such as PCI DSS, Sarbanes Oxley and HIPAA.
Strong knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices.
Strong technical knowledge of network, PC, and platform operating systems, including Cisco, Microsoft and Linux.
Strong ability to conduct research into security issues, standards and products as required.
Strong ability to work on Information Security sponsored projects, which includes providing necessary documentation, establishing and meeting timelines.
Strong ability to promote Security Awareness training.
Strong ability to create and/or maintain documentation including policies, procedures, security awareness tips, compliance reports and the like.
Strong ability to work independently, work in a fast paced environment, and manage workload prioritization to deliver high quality work products on time with minimal direction; accept responsibility and personal accountability; flexibility and adaptability in work approach.
Demonstrated collaboration skills with the ability to handle conflict and to work with a distributed team; ability to effectively interface with a broad range of people and roles.
Strong communication skills, both written and verbal.
Strong critical thinking skills with the ability to develop completely new problem-solving approaches and formulate innovative solutions.