Information Security Compliance Analyst at Arcosa Inc in Dallas, Texas

Job Description:

Arcosa, Inc. is seeking an Information Security Compliance Analyst in our Dallas, TX headquarters. Reporting to the Director of Cyber Security and Compliance, the Information Security Compliance Analyst will assist with the coordination and completion of government, regulatory, and compliance documents for Information Technology. This role will also generate reports and/or metrics that help track compliance issues identified through the Security & Compliance Assessment process.

Arcosa, Inc. (NYSE: ACA) is a growth-oriented manufacturer and producer of infrastructure-related products and services. The company has businesses with leading positions in construction, energy, and transportation markets with annual revenues in excess of $1B.

Responsibilities:

• Documenting, implementing, and assessing policies, processes, and procedures


• Actively serve as primary point of contact for internal and external audits (e.g. SOX,FFIEC) and provide IT management direction as to how to remediate pertinent action items.


• Partner with IT control owners in implementing and validating controls for Access Management, Release


• Management, Change Management and Vendor Management processes to ensure compliance with the IT Frameworks


• Coordinate with control owners to ensure active management /monitoring of controls occurs throughout the year


• Manage IT annual testing for internal and external audits, risk assessments, and regulatory, legal and policy compliance


• Assist with the requirements and achievement of appropriate certification programs surrounding information security


• Facilitate user access reviews and ensure respective remediation is performed in a timely manner


• Advise and partner with IT teams on how to effectively comply with IT standards to proactively mitigate risks


• Provide guidance and ensure compliance with any applicable information security standards and regulations for employees, partners, and other third parties


• Monitor, track and report status of security tasks and open remediation items


• Manage Data Protection Program and ensure access sensitive data is appropriately authorized


• Evaluate control effectiveness of internal and external risk assessments


• Develops procedures to support security related activities


• Manage Third Party Security Management program and ensure third party security risks are monitored


• Additional responsibilities as needed

Requirements:

• Bachelor's degree in Business Administration, Accounting, Information Systems or related field preferred


• 5 plus years of experience in IT audit or information security role


• Demonstrated experience maintaining and updating policies and procedures


• Demonstrated knowledge of information security standards and methodologies with general understanding of security processes, tools and latest technologies


• Knowledge of PCI, SOC2, ISO, COBIT, SOX GCC, ITIL, HIPPA, Privacy Acts, and other IT compliance frameworks


• CISA or CIA certified candidates preferred


• Strong verbal and written communication skills


• Ability to work with minimal supervision, balancing a mix of resources, due dates and requirements.


• Detail-oriented with strong adaptability and capacity to work in fast-paced environments

Information Technology