We’re seeking a motivated and talented IS Compliance Specialist who will take the responsibility for the Supply Chain Quality Systems oversight and data integrity of technology and goods in North and Central America. The IS Compliance Specialist is responsible for performing, or leading, complex and/or significant compliance reviews, within the IT audits including network, internet, applications, telecommunications, security administration, and contingency planning. Assess risks, develops detail audit/compliance programs, execute audit/compliance programs steps, analyses result and effectively communicates results to senior management.
What you bring to the role:
This position requires proficiency in navigating and interpreting the ISO Regulations with a focus on Information Security and compliance. This role will engage customers screening and using critical thinking skills daily.
This position requires strong concern for quality and accuracy of work with a results-oriented focus. The work involves technical thinking and problem solving based on detailed knowledge and analysis of technology products
Support global activities as they relate to ISO27001, ISO9001 and ISO14001. The IS Compliance Specialist is responsible for providing subject matter expertise in ISO27001 Information Security regarding compliance requirements. In addition, the IS Compliance Specialist will work to implement, maintain and improve the Information Security Management System at a corporate level for Ingram Micro facilities across North and Central America. The IS Compliance Specialist is responsible for performing, or leading, complex and/or significant compliance reviews, within the IT audits including network, internet, applications, telecommunications, security administration, and contingency planning. Assess risks, develops detail audit/compliance programs, execute audit/compliance programs steps, analyses result and effectively communicates results to senior management.
- At least 5 years of industry experience in an IS compliance role.
- Manage and Support IT compliance activities for regional IS support of ISO27001 auditing, reporting and remediation where appropriate.
- Coordinate and communicate IT compliance activities to align with Global IS leadership in support and improvement of ISO27001 management system.
- Ensure regional IS compliance to IS security standards (ISO27001) requirements
- Plan and conduct complex IS and integrated audit/compliance projects, including preparation of an objective risk-based assessment and an effective audit/compliance approach.
- Leads and/or participates on audit/compliance activities of various locations and departments for compliance with plans, policies and procedures.
- Execute operational activities to support IS audit and compliance activities including technical validation processes.
- Execute collection of evidence to support compliance status
- Provide and present reporting including monthly metric delivery
- Manage escalation and enforcement for unresolved noncompliance issues
- Manage and Support External Audit activities and reporting
- Work with Information Security staff to ensure tools and reporting mechanisms are satisfactorily meeting statutory objectives
- Support compliance and security validation of all 3rd party IT providers
- Maintain strong working relationships with internal and external support teams including Global, Regional and Country IS associates
- Work on special projects as required by management
- Stay abreast of changes within the IS compliance areas including business change requirements and regulatory changes from an international perspective
- Support and enforce Information Security Policy, Standards, and Guidelines for business operations and technology implementations
- Work as the Subject Matter Expert (SME) on assigned projects and offers council regarding the intent of Compliance requirements
Process Improvement and Associate Success:
- Self-starter with the ability to work independently and in cross functional teams
- Actively looks for opportunities to develop new ideas to positively impact existing methods, services, or products.
- Understands, analyzes, and documents cost/benefit analysis where appropriate.
- Actively accepts individual and team responsibilities and meet commitments. Takes responsibility for own performance and actions and demonstrates responsibility and teamwork towards overall team/department goals.
- Ability to multi-task and work on projects concurrently and under tight deadlines
- Must be detail oriented and customer focused with excellent time management skills
- Takes and exhibits initiative to further develop technical and professional skills, by attending training and/or willingness to learn new systems or technologies in use by the Information Systems department.
- Possesses understanding of Ingram Micro’s business including knowledge of department names and business processes conducted by each, company global organization, and key customer and vendor segments.
- A Bachelor’s degree in Computer Science, Engineering, or related Science and Math discipline with an IS or Business emphasis is required.
- 5+ years of experience with IS compliance projects (specifically ISO27001)
- Understands key security concepts such as access management, vulnerability and patch management, security information event management, and encryption
- Strong understanding of TCP/ IP and other network protocols
- Understanding of the basic audit best practices, standards and methodologies
- Ability to formulate detailed technical documentation preferred
- ASQ Certified Engineer, Auditor or OE Managers preferred
- Experience using SharePoint, MS Excel, Word, PowerPoint and Visio
- Must possess a valid passport and be legally allowed to leave and return to originating country.
Develops Innovative Practices
Works as a Team Member
Acts with Integrity & Respect
May be required to work in an office environment, with or without air conditioning and fluorescent lighting. May also be required to spend time in a distribution center, without air conditioning. Some geographies may have remote office conditions of lower standards than the home country.
All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other protected category under applicable law.
Ingram Micro Inc. is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other protected category under applicable law.