Security Compliance Analyst Resume Sample
Work Experience
- Reports on the delivery of ‘wipe scripts’ to support and analyze metrics detailing appropriate mobile device management as well as identity and information security measures
- Supports ‘Patch’ Management activities including the notification to impacted stakeholders and the affected team on both the patch release as well as to capture and report on any resulting remediation. Maintains an inventory of all ‘patches’ put into effect within IT and creates metrics and aligned reporting to monitor all patch management activities
- Processes Out-Of-Band and authentication scan requests for end users as assigned to the role through ServiceNow, IT’s incident management tool
- Provides a forward vision to identify best practices and opportunities for improvement in both the remit of the role and the reporting on the applications the role oversees.
- Strong interpersonal skills to adapt personal communication styles to the style of others, developing rapport across a globally diverse organization across IT. Able to staying calm under pressure, balance multiple projects effectively and to build and maintain SOS’s credibility in technical support
- Perform monitoring of key security control and procedures
- Plan and conduct security audits and assessments across multiple IT systems. Test controls for operating effectiveness and report preliminary findings
- Perform Independent analysis of results of security assessments and testing to appropriately assess risks and provide appropriate recommendations for corrective actions
- Collaborate with various IT departments to identify root causes and assist in development of solutions
- Perform deep analysis of Access, Change Management, Vulnerability Management, and assist with 3rd party risk assessments
- Work with various control owners and assist in remediation and process improvement activities
- Act as a liaison between external auditors and internal process owners, and respond to external auditor’s requests
- Prior experience in an audit, compliance and regulatory environment related to security and privacy including standards across industries and geographies such as PCI, ISO, SOC, HIPAA, HITRUST, FedRAMP, FINRA, SEC and OCC is desired
- Develop and maintain SOC2 scoping documentation including system understanding, process flows, and system infrastructure diagrams
- Perform control alignment validation
- Facilitate in identifying controls gaps ensuring sufficient remediation plans and tracking to timely resolution
- Provide information for status reports and support stakeholder communications
- Facilitate system and control understanding walkthrough meetings
- Update and maintain system and process narratives
- Support GRC tool implementation and workflows
- Experience with SOC2 reporting engagements, and Security, Availability, Confidentiality, Privacy, and Processing Integrity Trust Service Principles
- Information technology risk management experience and proven ability to meet deadlines
- Adapt in a dynamic work environment, learns quickly, solve problems, and make decisions with minimal supervision
- Experience in a service oriented environment
- Experience in Information technology field
Education
Professional Skills
- A combination of experience, education, and training which substantially demonstrates the following knowledge, skills, and abilities
- Demonstrates strong organizational; project management; analytical, problem-solving and communication skills
- Strong analytical, organizational and decision making skills. Detail oriented, strong sense of urgenc
- Strong collaboration skills and a demonstrated ability to approach technical and business solutions in a consultative manner
- Use excellent communications skills and consultative approach to identify opportunities for improvement
- Excellent communication, collaboration, organizational, and analytical skills
- Strong analytical skills and creative problem-solving abilities
How to write Security Compliance Analyst Resume
Security Compliance Analyst role is responsible for interpersonal, analysis, security, organization, compliance, reporting, training, analytical, excel, leadership.
To write great resume for security compliance analyst job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Security Compliance Analyst Resume
The section contact information is important in your security compliance analyst resume. The recruiter has to be able to contact you ASAP if they like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Security Compliance Analyst Resume
The section work experience is an essential part of your security compliance analyst resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous security compliance analyst responsibilities. It's meant to present you as a wholesome candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular security compliance analyst position you're applying to.
The work experience section should be the detailed summary of your latest 3 or 4 positions.
Representative Security Compliance Analyst resume experience can include:
- Excellent English language, grammar, and spelling skills for writing, editing, and proofreading
- Demonstrated expertise managing a compliance project and effectively managing stakeholders
- Strong Active Directory skills (Win Server)
- Very good administrative and organizational skills
- Excellent knowledge and experience with policy writing, definitions and enforcement
- Have strong experience with securing Windows environments
Education on a Security Compliance Analyst Resume
Make sure to make education a priority on your security compliance analyst resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your security compliance analyst experience. For example, if you have a Ph.D in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/ minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Security Compliance Analyst Resume
When listing skills on your security compliance analyst resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume, there's a list of typical security compliance analyst skills:
- Excellent report writing skills, ability to prepare compliance reports
- Work effectively in a dynamic environment where shifting priorities frequently alters work plans
- Strong verbal, written and interpersonal communication skills along with the ability to work with others
- Demonstrated analytic, written, and oral communication skills
- Excellent oral and written communication skills in both a technical & non-technical environment
- Collaboration, planning, and prioritization skills
List of Typical Experience For a Security Compliance Analyst Resume
Experience For Senior Security Compliance Analyst Resume
- Can effectively work self-sufficiently across a geographically distributed team environment with integrity
- Effectively build and manage trusted partnerships with internal collaborators through knowledge, consistency, and quality of work
- Be able to work effectively with other members of the GRC organization to drive results
- 3) REPORTING: Experience generating meaningful and actionable reporting, including progress tracking and analysis
- Experience in an IT role focusing on information security/risk assessments working for a large organization
- Experience working with Sailpoint implementing it into an environment
- Responsible for conducting NCUA’s IV&V (quarterly and ad hoc) tests to evaluate the effectiveness of policies, procedures, and practices
- Assist with annual PCI assessments and the preparation of evidence and SAQ’s for signature
Experience For IT Security Compliance Analyst Resume
- Provide and collect evidence for cybersecurity audits
- Monitor effectiveness of security systems and anti-virus systems, and report issues to management
- Ensure effective and complete reporting and record-keeping of all KYC and Sanctions/OFAC cases processed, per Security Compliance policy, process and SLA's
- Assist during the audit to manage the process of providing all requested evidence during our PCI assessments
- Solid understanding of IT Security best practices and technology (such as security awareness, auditing, data protection, Business Continuity Plan, etc)
Experience For Security & Compliance Analyst Resume
- Solid understanding of IT Infrastructures and the ITIL Service Delivery Framework
- Server and Networking Basic skill set is desired (Cisco, MS Server, VPN)
- Develop and use techniques, process, procedures, and utilities to manage assessments and audits through Blackbaud’s evidence repository
- Provide Support on evidences for SOX Audits
- User access compliance experience
- Experience with risk assessments, internal controls, business process and internal IT control testing or operational auditing
- Job related experience in compliance or technical engineering field
- Experience with best practices related to network architecture & security controls (Routers, Firewalls, networking protocols, etc)
- Experience using a risk-based audit approach in evaluations of and recommendations for management processes
Experience For IT Security & Compliance Analyst Resume
- Experience using with open-source software and command line utilities
- Experience with vulnerability management and penetration testing tools such as Rapid7, Tenable, etc
- Demonstrated track record staying up to date with industry information security and compliance knowledge
- Facilitate external auditor engagements, organize required objective compliance evidence, schedule required resources and audit timelines for mandatory
- Facilitate external security auditor engagements, organize required objective compliance evidence, schedule required resources and audit timelines
Experience For Senior IT Security Compliance Analyst Resume
- Work-related experience in IT Security field. Junior level is encouraged to apply
- Years of experience: 4-7 years or more
- Work with key stakeholders to recommend, implement, and validate improvements that support a reasonable and efficient remediation of deficiencies
- Assess the exposures resulting from ineffective or missing control practices
- Experience performing technical audits
- Evaluate the efficiency, effectiveness and compliance of operation processes with corporate security policies and related government regulations
Experience For Cyber Security Compliance Analyst Resume
- Weigh the relevancy, accuracy and perspective of conclusions against audit evidence
- Strong self motivation abilities
- Supporting the company with implementation of security projects, procedures and processes
- Supporting the internal and external security, quality and safety audits
- Tracking the key performance indicators for physical security and business continuity processes in the company
- Implementing, in local organization, the globally drafted compliance related documentation such as PCI DSS, ISO 2700 and ISO 9001 documents
- Providing knowledge, sharing and technical assistance to other team members in the area of security and compliance
- Translating technical jargon and complicated concepts into something totally simple and easily understood
Experience For Security Compliance Analyst With English Resume
- Presenting compliance data and working with auditors
- Understanding complex systems and software and identify areas of security concern, with the ability to adapt to rapid change
- Working knowledge of data sources such as those within Human Resources (HR), Active Directory (AD) and Asset Management
- Working knowledge of Data Leakage Prevention (DLP) program objectives, technology and processes
- Understanding of global business regulations, country-specific privacy laws, and how they impact a global company
- Understanding of Third-party Assessment Organizations (3PAO)
- Supporting Systems Security Assessment and Authorization (SA&A) for Federal Agencies
Experience For System & Software Security Compliance Analyst Resume
- Coordinate security training and awareness programs, changes to training content, scheduling training sessions, and reporting training metrics to management
- Proficiency conducting and evaluating/analyzing results from the following set of tools, to include but not limited to: Nexpose, WebInspect
- Assist in the development, implementation, training and auditing of ORC’s information security program and governing policy, standards and procedures
- Contribute by enhancing and maturing the existing common control framework
- Performs daily cadence of monitoring, reacting and triaging malicious events
- 3) Creating interfaces using Sailpoint for onboarding HR related applications
- Obtain continued education and training regarding security and compliance initiatives
Experience For IT Security Compliance Analyst / Auditor Resume
- Keep us ahead of the curve by identifying and recommending changes to policies and procedures to mitigate key security risks
- Drive the ongoing PCI CP and DSS internal compliance (awareness training, vulnerability scans, etc.)
- Proactively seeking solutions to security problems and consulting with appropriate resources more complex security and compliance issues
- Assist in assessing vendor and 3rd Party risks within our Vendor Risk Assessment framework by reviewing the security capabilities of our external vendors
- Performs Licensing and related compliance support including routine license analysis, new volume purchases to verify inventory, license use & compliance
- Participate in external/internal penetration testing, including the remediation and follow-up action plans
- Monitor and perform periodic internal controls testing, as well as participate in the design, improvement and testing of related processes
- Understand the basics of security risks from patching and provide risk-based recommendations on patching activities
- Develop a comprehensive understanding of our knowledge base, Security Policies, SOC 2 controls, and public facing documentation
Experience For Hipaa Security Compliance Analyst Resume
- Assist in maintaining the GDPR data protection matrix
- Assist with data loss prevention, vulnerability scanning, and other security investigations as needed
- Manage the agency’s information security policies and procedures including all System Security Plan(s)
- Assistance with filling out SAQ questionnaires
- Assistance answering auditor questions
- Assist with other audits and compliance activities relating to data security and technical controls
- Knowledge of IT Security including Data Protection, Security Patch Management, Antivirus System, etc
- Monitor ticketing system queue for new products and initiatives within the Development, Infrastructure and Analytics organizations
- Coordination and scheduling security trainings for security officers and other employees of the company
List of Typical Skills For a Security Compliance Analyst Resume
Skills For Senior Security Compliance Analyst Resume
- Demonstrate strong verbal and written communication skills as well as strong analytical and problem solving abilities
- Proven ability to effectively research subject matter
- Develop effective teamwork and leadership skills
- Strong IT background with a good working knowledge of a variety of current and emerging technologies
- Demonstrated experience and knowledge in managing supplier/Vendor relationships
Skills For IT Security Compliance Analyst Resume
- Expert written and verbal communication skills with a focus on translating complex security/IT terms into plain English. Focus on clarity and impact
- Experience and strong working knowledge with industry standard commercial and open source SIEM and security analysis tools
- Strong experience with Microsoft product suite, particularly Microsoft Word, PowerPoint and SharePoint
- A proven ability and experience of policy/standard implementation
- Strong governance, risk and compliance experience
- Participate in/drive project and ensure timely project delivery. Organize own work effectively and efficiently
Skills For Security & Compliance Analyst Resume
- Able to handle repetitive task and eager to learn new knowledge and skills
- Previous at least 4 years of proven experience in similar position in IT /ICT security is essential
- Effective communicator, both internally and externally with the strong ability to work well within a team and on your own
- Perform effective and efficient reviews of key controls and communicate analysis of the effectiveness of controls as required
- Continue self-development of knowledge, skills and abilities
- Maintain a compliance / controls tracking dashboard consolidating multiple compliance efforts (audit tracking and risk exceptions)
- Experience in using and supporting wide range of IT systems and applications
Skills For IT Security & Compliance Analyst Resume
- Experience of working within frameworks and reporting against these
- Experience of conducting compliance reviews, including creation of GAP analysis reports and remediation plans
- Proven understanding of Operating platforms (i.e. Linux and Microsoft)
- Experience with preparing and testing IT Contingency Plans
- Experience with IT Operations and Security initiatives including COBIT, PCI, and ISACA auditing standards
- Experience with IT Governance, Risk and Compliance, as well as IT Security initiatives including PCI, COBIT, and ISACA auditing standards
- Familiarization and experience using TFS (Team foundation server) is desired
Skills For Senior IT Security Compliance Analyst Resume
- Experience in PCI credit card processing as well as eCommerce Cyber security
- Maintain audit evidence repository, ensuring artefacts remain current
- Good understanding of key security controls and industry best practice
- Experience of working with risk management methodologies
- Experience with Operating platforms (i.e. UNIX and Microsoft)
- Experience applying security to virtual platforms
- Work in a team environment. Effective working with matrix teams across organizational structure
- Provides side by side coaching for less experienced Security analysts
- Strong understanding and application of frameworks such as COBiT, COSO, ISO/IEC 27001:2005, etc
Skills For Cyber Security Compliance Analyst Resume
- Validate and update SOX documentation as needed to ensure scope, testing, and remediation activities are accurate
- Test effectiveness of controls relative to both SOX and Non-SOX application using ITGC
- Provide and collect evidence to auditors for SOX audits, working with IT, Finance, HR, and other departments as needed to resolve deficiencies
- Experience with creating all necessary PCI Certification and Accreditation documentation
- Information systems (DB/OS/Network) management experience
- Application Vulnerability Assessment experience
Skills For Security Compliance Analyst With English Resume
- Excellent knowledge of IT Security Assurance & GRC work including risk assessment programs and outputs
- Identifies process improvements and opportunities to increase effectiveness, proficiency, and processes of data security within the organization
- Self-manage and prioritise independently
- Experience in a large financial services or insurance organization
- Prioritize and multitask in a high pressure and results-oriented environment
- Participate in the review of routine changes in company processes, standards and technology to ensure the effectiveness of risk mitigation strategies
- Experience writing proposals and understanding basic contract language
- Experience and familiarity with cloud data security (FISMA/FedRAMP compliance) and working with public cloud solutions (AWS, Google, and Azure)
- Deep experience NIST SP 800 Series, FedRAMP and FISMA
Skills For System & Software Security Compliance Analyst Resume
- Proven track record in PCI compliance initiatives
- Operates as a key team member on security teams and advises on methods to improve the security solution
- Experience in enterprise IT information security policy and audits
- Experience with frameworks such as ITIL, AUSDAF, TOGAF, eTOM
- Provide evidence as requested, to support audit and compliance initiatives
- Strong knowledge of security standards and IT general controls
Skills For IT Security Compliance Analyst / Auditor Resume
- Litigation Hold Experience
- Experience with compliance related software (NICE Actimize, LexisNexis Risk Score, WW+, SalesForce.com, ADP internal applications-ALINE, AUTOPAY, RUN, TAX)
- Strong audit background, i.e., the ability to perform third-party risk/compliance assessments (internal and vendors)
- Strong intellectual curiosity and active in professional development
- Experience in IT administration or IT support
Skills For Hipaa Security Compliance Analyst Resume
- IT security with an emphasis on security operations and/or incident response experience
- Developing, performing and maintaining the appropriate risk assessments of systems and infrastructure of the company
- Developing appropriate risk treatment and mitigation options to address security and other compliance risks identified during reviews or audits
- Working with other Information Security team members to build and facilitate various training related programs and methods for delivery across Bain
- Travelling internationally when required for audits and training
- Understanding of application security compliance
- Working knowledge in Information Security
List of Typical Responsibilities For a Security Compliance Analyst Resume
Responsibilities For Senior Security Compliance Analyst Resume
- Advanced security system analysis skills
- Advanced risk assessment and management skills
- In-depth security system analysis skills
- Experienced with evaluating and testing controls around the full technology stack from application, operating system, database, and networking layers
- Skilled at organizing and translating information into clear written documentation; articulating complex concepts and processes in writing
Responsibilities For IT Security Compliance Analyst Resume
- Experience executing risk assessment methodologies and familiarization with audit testing and relevant documentation standards
- Information systems security or related auditing experience
- Information Systems audit experience in Big 4 accounting firms and/or related industry
- Facilitate Access Validation assessments and approval, ensure results are recorded in applicable tracking systems
- Project management, program management, or operations experience
- In-depth knowledge of risk assessment frameworks (NIST, ISO, or OCTAVE strongly desired)
- Experience with PCI DSS and CP
- Strong familiarity with PCI and SOX security requirements and controls
- Quires strong self-motivation, business decorum, and a desire to pursue a compliance career
Responsibilities For Security & Compliance Analyst Resume
- Compliance documentation, checklist validation, and six month/annual reassessments
- Experience in Healthcare or Compliance consulting
- Experienced in writing Technical documentation and knowledge of Cloud and Security concepts
- Experience with technical documentation related to FIPS 199, NIST SP 800-37, NIST SP 800-53 REV 4, FISMA A&A, and continuous monitoring, and POA&M management
- Hands on experience in Qualys Vulnerability Management
- Experience on NIST SP 800 Series, FedRAMP and FISMA
- Relevant experience
- Strong work ethic; able to work independently or with minimal supervision.,
Responsibilities For IT Security & Compliance Analyst Resume
- Knowledge and experience with enterprise operating systems, including Windows, Linux
- Experience working with Information Security standards and frameworks, including NIST, CIS, CSF, and the Critical Security Controls
- IT Audit or Compliance work experience, some of which was in a
- Assist in providing evidence of control review to external auditors
- Collect evidence regarding implementation of IT security controls
- Experience in a security role or relatable audit function
- Working knowledge of Auditing standards and related frameworks including ITAF, ISO, COBIT, COSO
- Understanding of Business Continuity, Disaster Recovery and Risk guidelines/standards in regards to healthcare
Responsibilities For Senior IT Security Compliance Analyst Resume
- Understanding of policy and procedure development
- Participate in administering the company's overall SOX program, including scoping, risk assessments, testing, deficiency evaluation, and reporting
- Provide direct contribution to the IT Security objectives with efforts in the many areas of administering, reviewing and testing IT security
- Provide pre and post assessment lessons learned, gathering information from the current assessments and provide on-going list of improvements
- Diligent in coordinating and executing processes and procedures
Responsibilities For Cyber Security Compliance Analyst Resume
- An understanding of Information Security frameworks, processes, technologies, and practices, including NIST and ISO27xxx standards
- Responsible for maintaining and coordinating updates to the IT General Controls documentation for all sites globally
- Responsible for maintaining and updating the SAP Governance process and business functional approvals
- Assist with Security Awareness initiatives, such as, phishing campaigns, annual security awareness training
- Assist in analyzing and defining security requirements
- Develop a personal support network by developing and building relationships throughout the Information Security and other business unites
- Actively participate in communication, training and rollout of KYC and Sanctions/OFAC tools and processes
- Deep background in auditing, compliance and investigations
Responsibilities For Security Compliance Analyst With English Resume
- Technical understanding of Governance, Risk and Compliance Tools, SIEM Systems and other Information Security Appliances is desired, but not a requirement
- Technical writing ability (BCPs, DRP’s policies and procedures, etc.)
- Design, implement and maintain complex multi-dimensional healthcare specific compliance framework including documentation
- Develops, reviews, and maintains security risk management policies, standards, and practices, including technical IT security standards
- Collect and document technical architecture, operational processes and security policies from multiple internal engineering teams
- Server Hardening – ensures compliance policies are in place before server goes into production
Responsibilities For System & Software Security Compliance Analyst Resume
- Work and assist with various PCI Teams as an information security expert on projects and offers council regarding the intent of PCI requirements
- Assist in handling PCI Discovery/Gap Analysis initiatives and coordinate with various functional groups to resolve PCI compliance status for assigned clients
- Assist in documenting standards, processes, and procedures for incident response, security systems, and tools as needed
- Provides risk guidance for IT projects and recommendations for controls relating to third party management
- Identify areas where existing security architecture requires improvement and develop proposals, processes and implementation plans
- Provide technical and operational security support to Engineering, Legal, and various business units
- Has worked in a regulated environment, preferably dealing with PCI, SOX or other federally regulated examinations
- An understanding of IDS/IPS software such as CloudPassage, OSSEC, etc
Responsibilities For IT Security Compliance Analyst / Auditor Resume
- Perform workstation and server patching
- Responsible for managing IT compliance SharePoint sites for IT control updates and documentation
- Process and gather audit document requests internally and prepare them for distribution to the requesting audit entity
- Document and report to management on outstanding issues
- Responsible for driving security event response
- Plan and document all security information in the company including physical and network security
- Monitor industry trends for changes in physical and cyber security challenges and implement planning, policy and procedure changes in response
- Contribute to industry and government forums that develop industry guidance and regulations regarding security practices
- Familiar with at least with one coding languages
Responsibilities For Hipaa Security Compliance Analyst Resume
- Knowledge of securing servers (Linux and Windows), desktops (Windows 10), and network devices (Cisco, Juniper)
- Work calmly during stressful circumstances
- Identify applicable laws (by region), regulations and internal controls along with the corresponding level of IT compliance
- Develop and maintain ongoing process to remove unlicensed or unauthorized software
- Provides project updates to IT Security Manager and during monthly project status meetings
- Build ‘trusted partner’ relationships with key security stakeholders
- Work experience, ideally with a focus on one or a combination of the following: information security, risk assessment, IT audit, compliance and/or privacy