Carters/OshKosh IT Risk and Compliance Analyst in Atlanta, Georgia
IT Risk and Compliance Analyst
- Date Updated: June 19, 2017
- Job Level: Mid Career (2+ years)
- Job Type: Full-Time/Regular
- Years of Experience: 2 - 5 Years
- Travel: Not Specified
- Level of Education: BA/BS
- Position ID:85329-247017
Carter's, Inc. (NYSE: CRI) is the largest branded marketer in the United States of apparel and related products exclusively for babies and young children. The Company owns the Carter's and OshKosh B'gosh brands, two of the most recognized brands in the marketplace. These brands are sold in leading department stores, national chains, and specialty retailers domestically and internationally. They are also sold through more than 900 Company-operated stores in the United States and Canada and on-line. Carter's is headquartered in Atlanta, Georgia. If you dream of working with innovative colleagues who support and inspire you, Count on Carter's.
This role will be expected to assist with the implementation of leading security and governance practices, procedures, and controls to protect Carter's information assets and ensure compliance with applicable regulatory requirements.
IT Risk Management (45%)
- Evaluates and updates security policies, procedures, and standards to ensure alignment with applicable security control requirements
- Assists with the execution of IT security risk assessments against industry-leading security controls frameworks
- Assists in developing controls inventory, performing gap-analysis, and documenting remediation action plans
- Regularly updates metrics and analysis to track remediation progress and demonstrate control maturity and effectiveness
- Conducts third-party security and compliance assessments and documents detailed results
- Coordinates with data owners to ensure accuracy and completeness of sensitive Company information
- Evaluates the adequacy and effectiveness of safeguards protecting sensitive Company information
IT Compliance (35%)
- Acts as a supporting point of contact for external and internal IT-related audits
- Performs periodic reviews of SOX controls and technical security controls to ensure continuous adherence to Company policies and applicable regulations
- Assists in developing and monitoring SOX remediation plans
Process Improvement (20%)
- Drives process changes across the organization and acts as Subject Matter Expert (SME) for all compliance-related questions
- Develops process flows, technical diagrams, and control narratives for complex IT environments to aid in asset risk classification
- Delivers presentations (internal and external to IT) on relevant topics to develop others
Experience and Skills
- Bachelor's degree is required; technical degree is preferred.
- Professional certification (CISA, CISM, CISSP, CIA or similar) is highly desired
- Big Four Experience Preferred
- 4+ years of experience in IT with experience in at least 1 of the following areas: SOX audits, internal audit, security risk assessments, information governance, privacy, security awareness, or cyber security maturity assessments. Strong preference for experience in 2 or more areas.
- Experience implementing information security plans or conducting financial and technology audits.
Carter's is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, genetics, disability, age, veteran status, or any other status protected by federal, state, or local law.
Visit http://carters.submit4jobs.com/ today