Ingram Micro
Join our Talent Network

This site uses and sets "cookies" on your computer to help make this website better. You can learn more about these cookies and general information about how to change your cookie settings by clicking here. By continuing to use this site without changing your settings, you are agreeing to our use of cookies.

Skip to main content

Assoc. IT Compliance Analyst-IND

Chennai, TN, India
Job ID: 37588

Description

 Job Description for Sr. IS Security SAP Analyst Ingram Micro Inc.

 

 Ingram Micro

 

JOB DESCRIPTION

 

JOB TITLE: Sr. IT Compliances Specialist                       COMPLETED BY: Madhur Sharma

JOB CODE: To be created                                                          DATE: 02/05/2020

DEPARTMENT: Global IS                                                           GRADE/FLSA: 8

POSITION REPORTS TO: Manager, Compliance

APPROVED BY: Madhur Sharma

JOB TITLES REPORTING TO THIS POSITION: None

 

I. SUMMARY:

 

The Sr. IS Compliance Specialist is responsible for performing, or leading, complex and/or significant compliance reviews, within the IT audits including network, internet, applications, telecommunications, security administration, and contingency planning. Assess risks, develops detail audit/compliance programs, execute audit/compliance programs steps, analyses results and effectively communicates results to senior management.

On a primarily independent basis, support global activities as they relate to IS compliance including: Financial Regulations, Statutory Audits, PCI, ISO 27001, customer commitment obligations such as SOC1 and SOC2 attestation, Internal and External Auditor liaison support and management documentation / reporting. This support will be accomplished by reviewing existing processes, identifying improvements activities and recommending control improvements and/or efficiencies.

 ESSENTIAL FUNCTIONS:

 IS Compliance:          

  •                   At least 3- 4 years of industry experience as a PCI QSA and ability to assess complex PCI requirements.
  •                   Plan and conduct complex IS and integrated audit/compliance projects, including preparation of an objective risk-based assessment and an effective audit/compliance approach.
  •                   Leads and/or participates on audit/compliance of applications, IT General Controls, and security of the enterprise.
  •                   Leads and/or participates on audit/compliance activities of various departments for compliance with plans, policies and procedures.
  •                   Manage and Support IT compliance activities for global IS in support of Statutory Audits, PCI, ISO27001 auditing, reporting and remediation where appropriate
  •                   Execute operational activities to support audit and compliance activities including technical validation processes
  •                   Manage quarterly self-assessment of global IS and reporting
  •                   Ensure Global IS compliance to security standards as they relate to SOC1, SOC2 and ISO 27001 requirements
  •                   Execute collection of evidence to support compliance status
  •                   Provide and present reporting including monthly metric delivery
  •                   Manage escalation and enforcement for unresolved noncompliance issues
  •                   Be a liaison for Internet Audit activities, reporting and escalations
  •                   Manage and Support External Audit activities and reporting
  •                   Collect information, manage status of global PCI requirements and status
  •                   Manage response and status to external reporting for financial compliance in relation to PCI
  •                   Work with Information Security staff to ensure tools and reporting mechanisms are satisfactorily meeting Statutory Audits Objectives, PCI, SCO1 and SOC2 objectives
  •                   Support compliance and security validation of all 3rd party IT providers
  •                   Maintain strong working relationships with internal and external support teams including Global, Regional and Country IS associates
  •                   Support the Financial Compliance team in enforcing controls as required
  •                   Work on special projects as required by management
  •                   Stay abreast of changes within the IS compliance areas including business change requirements and regulatory changes from an international perspective
  •                   Support and enforce Information Security Policy, Standards, and Guidelines for business operations and technology implementations

 

Process Improvement and Associate Success:

  •                   Perform business processes value-added assessment of internal controls, systems, processes, financial reporting, and identify opportunities for improvement and efficiencies.
  •                   Actively looks for opportunities to develop new ideas to positively impact existing methods, services, or products.
  •                   Targets performance improvements while analyzing systems and processes.
  •                   Understands, analyzes, and documents cost/benefit analysis where appropriate.
  •                   Actively accepts individual and team responsibilities and meet commitments. Takes responsibility for own performance and actions and demonstrates responsibility and teamwork towards overall team/department goals.
  •                   Actively mentors and assists other IS personnel on topics related to IS security
  •                   Effectively multi-tasks on multiple assignments and deliverables.
  •                   Takes and exhibits initiative to further develop technical and professional skills, by attending training and/or willingness to learn new systems or technologies in use by the Information Systems department.
  •                   Possesses understanding of Ingram Micro’s business including knowledge of department names and business processes conducted by each, company global organization, and key customer and vendor segments.

 

 

 Education and Technical Expertise:

  •                   A Bachelor’s degree in Computer Science, Engineering, or related Science and Math discipline with an IS or Business emphasis is required.
  •                   8-10 years or more relative experience in a global information technology environment with a background in auditing and process support
  •                   Strong knowledge in commercial ERP applications including SAP, Oracle
  •                   Information Security background including an understanding of the basic security best practices, standards and methodologies
  •                   IT technical knowledge in support of compliance including Operating System, Database, Networking and Security technologies
  •                   Must possess a valid passport and be legally allowed to leave and return to originating country.
  •                   Ability to formulate detailed technical documentation, remediation requirements
  •                   Strong communication skills for both technical and business level discussions on compliance matters
  •                   Relevant auditing and compliance certification (e.g. CISA) preferred

 Behavioral Competencies:

Communication

  •                   Keeps his/her manager informed of any problems, challenges, or unanticipated events affecting his/her work.
  •                   Listens respectfully and avoids interrupting.
  •                   Expresses ideas and suggestions in an organized and concise manner both orally and in written form.
  •                   Solicits and readily accepts constructive feedback.
  •                   Maintains composure when addressing an adversarial or hostile audience.

 Decision Making

  •                   Researches and collects appropriate data points for effective decision making.
  •                   Readily makes recommendations and includes necessary documentation and material to support conclusions.

 Develops Innovative Practices

  •                   Identify, develop and manage innovative ideas and solutions to problems.
  •                   Identify opportunities to reduce inefficiencies in work processes.
  •                   Recognizes when it is appropriate to challenge the status quo and when it is not.

 Works as a Team Member

  •                   Supports team decisions to implement changes, suggestions, improvements, and solutions.
  •                   Encourages and supports the exploration and application of best practices.
  •                   Offers assistance to others and shares information regardless of personal likes or dislikes.

 Acts with Integrity & Respect

  •                   Prevents personal conflicts from interfering with his/her objectivity.
  •                   Consistently arrives on time for meetings and appointments.
  •                   Accepts responsibility for the results of his/her decisions and actions.
  •                   Behaves in a way that is consistent with Ingram Micro’s values.

 MENTAL AND PHYSICAL DEMANDS:

 Must be able to exercise good, consistent judgment when evaluating technical implementations or business requirements against corporate policies or escalating issues

  •                   Must be able to work with people from different countries and cultures
  •                   Must be able to work in high pressure situations related to IS security matters
  •                   Must be available for support requirements based on global responsibilities
  •                   Must be able to work early morning and late evening hours and weekends, when required
  •                   Must be able to communicate effectively in writing. Must be able to write clear, concise and factual evaluation documents that can be understood by others
  •                   Must be able to participate in meetings several times a month to give and receive information
  •                   Must be able to follow direction and procedures accurately; to organize facts and figures; apply basic math
  •                   Daily sitting, focusing on and operating a personal computer or terminal keyboard for over 120 minutes at a time.
  •                   Communicates by telephone for more than 60 minutes on a daily basis.
  •                   Writes using pen/pencil or personal computer keyboard for up to 120 minutes at a time on a daily basis.
  •                   Reads printed words and numbers in printed form and on computer/terminal monitor.
  •                   Distinguishes objects or symbols at 20 feet or more and 20 inches or less.
  •                   Travel by air, from 1 to 10 days, is required. Must be able to sit on a plane for up to 13 hours at a time

 EQUIPMENT USED AND NECESSARY:

 Personal computer

Computer printer

FAX

Photocopier

Telephone

Mobile device such a Blackberry

Advanced computer equipment

 ENVIRONMENT:

 May be required to work in an office environment, with or without air conditioning and fluorescent lighting.  May also be required to spend time in a distribution center, without air conditioning. Some geographies may have remote office conditions of lower standards than the home country.

Ingram Micro
Share: mail

STILL LOOKING?

Get updates about the latest job openings
that match your skills.

Sign up today