Sr. IT Security Risk & Compliance Analyst
Sr. IT Security Risk & Compliance Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job Description
Position Summary:
The Sr. IT Security Risk & Compliance Analyst will work within the security certifications team to support and mature a strong security certifications program. With an immediate goal to provide operation support in maintaining ISO:27001 C5 and SOC 2 certifications for Illuminas cloud-based analytics products. The role will bring the necessary subject matter expertise in the ISO C5 and SOC 2 security certifications space and work with the program manager based in the AMR region to meet future business needs. The position requires ability to operate with remote supervision with high customer satisfaction efficiency and accountability towards the success of the position interacts with all tiers of staff and management and must possess good project management and organizational skills.
Responsibilities:
Responsible for ensuring various process owners maintain the required ISO 27001 C5 and SOC 2 and various additional security framework requirements (e.g. NIST PCI HIPAA)
Management and custodian duties related to GRC tool (AuditBoard)
Documenting evidence that supports compliance with security requirements
Coordinates data gathering logging and upkeep of periodic activities as defined within the security management process.
Develops and maintains periodic review of ISMS program based polices.
Advises project teams and internal GIS customers on ISO C5 and SOC 2 certification scope and compliance approach.
Assist and lead process improvement projects to enhance control strength.
Manage Quarterly compliance requirements for various security frameworks
Operate independently to manage end to end compliance activities within projects.
Develops and maintains metrics to demonstrate security controls health throughout the year.
Assist in maintaining ISO C5 and SOC 2 security risks open action items and drive them for closure.
Support internal security audits conducted as part of ISO C5 and SOC 2 programs.
Schedule maintain and facilitate SME walkthroughs during external and internal audits.
Work within the GRC audit tool to maintain audit schedules control strength ratings and SME ownership assignments.
Facilitate and maintain ISO C5 and SOC 2 programs non-conformance actions including root-cause analysis and investigation status.
Listed responsibilities are an essential but not exhaustive list of the usual duties associated with the position. Changes to individual responsibilities may occur due to business needs.
Requirements:
Experience with ISO:27001 and SOC 2 requirements and security regulations within other frameworks e.g. 21 CFR Part 820/11 ISO 13485 FDA SOX HIPAA and C5.
Strong organizational skills to maintain and manage activities around ISO C5 and SOC 2 certification projects.
Strong experience with GRC tool configuration and maintenance (e.g. AuditBoard)
Experience working within a distributed team in multiple geographical locations.
Strong oral and written skills to persuade direct and advise stakeholders on security compliance processes.
Understanding of cloud infrastructure cybersecurity threats vulnerabilities and risk management
Ability to articulate security & compliance requirements & strategy and provide tailored approach to meet the business needs.
Experience and leadership in fast-paced project implementations.
Excellent customer service and communication skills.
Experience with software development lifecycle activities methodologies testing and validation.
Experience with common IT infrastructure and applications e.g. virtualization directory services storage DBMS.
Security certifications such as Security CEH CISA CISM or equivalent are a plus
All listed requirements are deemed as essential functions to this position; however business conditions may require reasonable accommodations for additional task and responsibilities.
Experience/Education:
Typically requires a bachelors degree and a minimum of 5 years of related experience.
#LI-HYBRID
#illuminacareers
We are a company deeply rooted in belonging promoting an inclusive environment where employees feel valued and empowered to contribute to our mission. Built on a strong foundation Illumina has always prioritized openness collaboration and seeking alternative perspectives to propel innovation in genomics. We are proud to confirm a zero-net gap in pay regardless of gender ethnicity or race. We also have several Employee Resource Groups (ERG) that deliver career development experiences increase cultural awareness and offer opportunities to engage in social responsibility. We are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex race creed color gender religion marital status domestic partner status age national origin or ancestry physical or mental disability medical condition sexual orientation pregnancy military or veteran status citizenship status and genetic information. Illumina conducts background checks on applicants for whom a conditional offer of employment has been made. Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable local state and federal laws. Background check results may potentially result in the withdrawal of a conditional offer of employment. The background check process and any decisions made as a result shall be made in accordance with all applicable local state and federal laws. Illumina prohibits the use of generative artificial intelligence (AI) in the application and interview process. If you require accommodation to complete the application or interview process please contact To learn more visit: The position will be posted until a final candidate is selected or the requisition has a sufficient number of qualified applicants. This role is not eligible for visa sponsorship.
Required Experience:
Senior IC
Employment Type
Full-Time
