Information Security Compliance Analyst
US-CO-Littleton
Attract-careers1
Req #: 91598
Type: Fulltime-Regular
|
|||||||||||
|
|||||||||||
Overview: Our Technology teams challenge the status quo and reimagine capabilities across industries. Whether through research and development, technology innovation or solution engineering, our team members play a vital role in connecting consumers with the products and platforms of tomorrow. Responsibilities: Candidates must be willing to participate in at least one in-person interview, which may include a live whiteboarding or technical assessment session. Within the Governance Risk and Compliance (GRC) team we are seeking a Compliance Analyst that interpret regulatory requirements into actionable oversight and testing so that we are able to demonstrate the strength of our systems and controls. Experience in cybersecurity in areas such as PCI, CPNI, SOX and IT auditing would be great, but if you have skills aligned with these we'd still love to hear from you. Key Responsibilities: * Assist in preparing and executing annual PCI DSS assessments for Echostar businesses. * Designing and executing controls testing plans in conjunction with other members of the GRC team. * Work with other Information Security teams and the business in designing appropriate remediation plans and controls to improve management of cybersecurity risks. * Researching regulatory changes that may impact EchoStar, and managing our regulatory change process. * Support our obligations for regulatory filings, including PCI and CPNI. * Collaborate with internal stakeholders to gather evidence and address compliance gaps. * Review and analyze technical documentation, including system configurations and security policies as part of assessing regulatory compliance. * Maintain accurate compliance records. Qualifications: Education and Experience: * Bachelor's degree in Information Technology, Information Security, or a related field * Minimum of 2 years of experience in a compliance or information security role, preferably with exposure to PCI DSS or CPNI requirements Skills and Qualifications: * Understanding of information security principles, risk management concepts, and regulatory compliance frameworks such as PCI DSS, NIST CSF, NYDFS, and CPNI * Strong written and verbal communication skills, with the ability to interact effectively with technical and non-technical stakeholders * Ability to work independently and as part of a team in a fast-paced environment * Proficiency in Google Workspace helpful * Relevant certifications such as PCI QSA, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or other security- or audit-related certifications are a plus Visa sponsorship not available for this role
Share this job:
