IT Controls Specialist: Focus on PCI and NIST
Skills & Expertise:
- 8+ years of experience in IT Risk or IT Audit roles.
- Strong understanding of IT Risk & Compliance, with a focus on Control Design Assessments, Sample-Based Control Testing (operational), and Controls Monitoring.
- Extensive experience in Technology Audits, specifically related to PCI or FedRAMP.
- Proven experience in establishing a Controls Assurance framework, including Control Assessments, Testing, and Monitoring.
- Ability to effectively identify, assess, and communicate the severity and potential impact of control findings to risk owners, driving objective decision-making.
- Deep knowledge of information technology trends and emerging technologies, and how they align with company objectives.
- Expertise in IT policies, laws, standards, and frameworks specific to Control Assessments, Testing, and Monitoring.
- Familiarity with compliance frameworks such as PCI, NIST (800-53, 800-171, CMMC), SOC, CIS, etc.
- Experience using GRC tools.
- Proficient in MS Office.
- Familiarity with automated tools for data analytics and monitoring.
- Experience in building management reporting.