Using GM Financial’s Information Security policies and standards, and applicable industry regulations, monitor and analyze compliance among the organization’s employees, contractors, applications, and infrastructure from both an internal and external perspective. The IT Compliance Security Analyst will perform internal and external testing of systems and controls to proactively support the compliance efforts of the organization.
Additionally, this team member is part of the IT Services organization and will participate in other project efforts, as needed, including Business Continuity/Disaster Recovery (BC/DR) and Change Management.
Monitors and analyzes IT compliance within the organization of its information security policies and procedures among employees, contractors, applications, and infrastructure from both an internal and external perspective.
Employ both proactive and detective methods in performing penetration, risk, vulnerability, and security assessments on corporate assets using a formal methodology.
Conduct company-wide security audits against the organization’s compliance controls.
Consults with technical counterparts to recommend remediation strategy for audit and security findings.
Compiles and reports on technology compliance metrics.
Works with internal and external audit entities to monitor and confirm audit activities.
Develop, review, organize, and analyze compliance and assessment documents.
Consults with business and other IT teams in the design and implementation of new or modified information security processes.
Lead and participate in multiple compliance and documentation initiatives to successful implementation.
Develop and maintain productive working relationships with IT, Corporate Security, IT Audit, and other stakeholders.
OTHER IMPORTANT DUTIES: Actively participate in evaluating and improving the current IT policies, procedures, standards and other documentation. Perform other duties as assigned by management.