Bachelor's Degree in Information Security, Accounting and Information Systems, IT Risk Management or related field or equivalent professional experience
Six or more years of combined experience in IT Audit, IT Risk Management or IT Compliance
Two or more years of experience with governance, risk, and compliance tools.
Direct experience in implementing, managing or assessing at least three of the following compliance programs:
SOC 1
SOC 2
ISO 27001
PCI DSS v3.2
SOX IT Audit
IT risk, information security & compliance experience or public accounting/consulting experience in the IT Audit or Advisory domain
Experience with use of GRC tools for enterprise-wide controls maintenance, control execution, and policy/procedure development
Experience working in the data center industry
Certifications: Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), GIAC Critical Controls Certification (GCCC), or GIAC Security Essentials (GSEC)
Knowledge, Skills & Abilities:
Excellent verbal and written communication skills
Strong technical, analytical and problem-solving skills
Ability to interact with personnel on all levels to resolve issues and provide solutions in a timely manner
Understands the need for, and consistently practices, effective teamwork with others.
Capable of prioritizing and managing assignments, tasks and projects to completion with minimal supervision
Ability to maintain a detail-oriented approach while multitasking in a fast-paced environment
Project management discipline, research skills and multi-tasking abilities; prioritize work activities, set goals and develop achievable action plans
Ability to identify and resolve problems in a timely manner, anticipate barriers to execution; gather and analyze information, consider alternate solutions and achieve results despite resource constraints
Intermediate to advanced proficiency in the use of Microsoft Office products, including Word, Excel and PowerPoint
Benefits
25 days annual leave
5,250 EUR training bursary
Company car scheme - eligibility required
Pension scheme with Allianz
Occupational disability allowance
Voluntary health insurance
Voluntary pet insurance
This position is bonus eligible
Health insurance
Vision insurance
Performance bonus
Additional Information
The Senior Technology Compliance Analyst is responsible for the implementation of new compliance standards and monitoring QTS' adherence to compliance standards for all products offered by QTS.
Responsibilities (other duties may be assigned):
Maintenance of enterprise control set
Perform controls rationalization as new IT and operational compliance standards are implemented, to simplify the enterprise control set
Evaluate and interpret IT and operational compliance standards requirements and provide guidance to process and control owners on the objective and intent of the requirement
Engage with process and control owners to understand technical process steps, identify mapping to compliance standards, evaluate gaps, and track execution
Drive the creation and maintenance of enterprise compliance documentation set (policies, standards, specifications, baselines, guidelines and procedures)
Complete controls obligations necessary to meet company compliance, audit, and security program requirements
Provide compliance support for vulnerability scanning and other security related audits
Prepare and present status reports, risks, recommendations, and lessons learned to all levels of management
Develop key performance indicators and metrics to measure and report on the health of the compliance program
Facilitate risk assessments across corporate business units.
Negotiate acceptable timeframes to comply with audit findings by interfacing with auditors, IT management and business personnel
Manage internal and external resources in a variety of scenarios including compliance readiness assessments, controls implementations, and control execution monitoring