Description
Hy-Vee, Inc.
Job Title : IT Security Auditor
Department : IT Security - GRC
FLSA : Exempt
General Function :
As an IT Security Auditor within Governance, Risk and Compliance for IT Security you will utilize your business and technical knowledge to ensure the company adheres to legislative, regulatory, industry requirements (e.
g. PCI DSS, HIPAA, Privacy, Vendor Management), internal policies and procedures and industry best practices (e.g. CIS, NIST CSF) through the coordination of internal reviews.
You will use your experience measuring and tracking cyber risk to evaluate control efficiency and coordinate key security related initiatives.
Core Competencies : Partnerships
Partnerships
Growth mindset
Results oriented
Customer focused
Professionalism
Reporting Relations :
Accountable and Reports to : Director, Governance Risk and Compliance
Direct Reports : None
Primary Duties and Responsibilities :
- Coordinate and provide subject matter expertise for PCI Store audits
- Collaborates with other teams to gather evidence to fulfill and complete audit objectives
- Coordinate control testing to measure effectiveness of the security compliance activities and objectives
- Accurately document the results of control testing and prepare work papers
- Coordinate Consumer Data Privacy requests with customers and data management
- Coordinate third party and vendor management procedures and questionnaires in accordance with compliance objectives
Education and Experience :
2+ years of experience in an IT field, preferably working with compliance and auditing-based tasks
Experience with Jira and GRC tools preferred.
Physical Requirements :
Visual requirements include : ability to see detail at near range with or without correction.
Must be physically able to perform sedentary work : operating a computer, occasionally lifting or carrying objects of no more than 10 pounds, and occasionally standing or walking.
Must be able to perform the following physical activities : meeting with customers, kneeling, reaching, handling, grasping, feeling, talking, hearing, and repetitive motions.
Knowledge, Skills, Abilities and Worker Characteristics :
- Excellent written and verbal communication skills required.
- Commitment to the Hy-Vee Mission and a willingness to promote the values of the company.
- Strong interpersonal skills. An ability to relate to and interact with other people in a friendly, professional manner.
- Ability to identify problems, develop and execute solutions.
- Highly motivated and a self-starter
- Strong ability to work individually and prioritize appropriately
- Demonstrates an in-depth and current knowledge of relevant industry, auditing, operational and / or technology / infrastructure.
Working Conditions :
The duties for this position are performed in a general or remote office setting. There is weekly pressure to meet deadlines and handle multiple tasks in a day.
Equipment Used to Perform Job :
Laptop and desktop computer, telephone, copier, Fax, printer, PC with Microsoft Office programs and other software relevant to specific position.
Confidentiality :
Has access to confidential information.
Are you ready to smile,