Do you want to work in a dynamic and demanding atmosphere where you can make a difference as an information technology professional and have fun doing so? A large vision necessitates a large task. As we expand, so does our need for additional expertise in information security, privacy, governance, risk, and compliance (GRC). To satisfy the expectations of this expanding company, we are looking for motivated, innovative professionals who are passionate about thinking outside of the box to provide top-tier technical solutions and supporting documentation.

In this role, you will join a team supporting IT internal controls, compliance, and cyber risk analysis across all divisions and multiple technology platforms. Our ideal candidate will be self-motivated and highly driven with keen attention to detail and reporting requirements, and experience supporting internal and external audits, and a variety of projects and strategic initiatives across the business.

SUMMARY

Support IT internal controls, compliance, and cyber risk analysis across all divisions and multiple technology platforms.

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Maintain legal and regulatory compliance through effective research and communicating the ever-changing requirements to IT team members and other corporate leadership.
• Manage annual IT internal and external audits, risk assessments, and regulatory, legal, and policy compliance to ensure prompt, accurate responses to internal and externals requests.
• Review auditor requests to ensure they are appropriately scoped and reasonable.
• Oversee the collection of audit evidence and materials provided by internal team members to ensure completeness and accuracy prior to auditor submission.
• Create and maintain productive working relationships with key business, internal audit, and compliance officials as well as IT staff from each division to effectively collaborate on compliance and risk-related concerns.
• Present findings/suggestions that will allow IT to satisfy new and existing regulatory obligations across all divisions, including compliance requirements of other countries in which we operate or hire.
• Work with control owners to ensure controls are actively managed and monitored throughout the year.
• Conduct IT compliance training sessions to prepare for audits/assessments and mentorjunior team members.
• Inform others about IT risk and compliance issues and shortcomings to ensure that remedial action plans are in place and are properly tracked.
• Make suggestions for repeatable, quantifiable, and long-lasting remediation programs, and follow up on action plans until they are completed.
• Develop IT documentation for IT internal controls in consultation with IT and the EVP of compliance including IT process narratives, process flows, and documented control actions.
• Develop and maintain various enterprise policies and procedures.
• Assist in sustaining governance tools for risk and compliance, including 3^rd party risk management, and contribute to the design, creation, and maintenance of risk-based metrics.
• Ensure compliance with the IT frameworks by helping IT control owners implement and validate controls for the processes of access management, release management, change management, and vendor management.
• Collaborate with IT on how to efficiently adhere to IT standards and proactively reduce risks.
• Maintain regular and punctual attendance.
• Perform other duties as assigned.

SUPERVISORY RESPONSIBILITIES

• None.

MINIMUM QUALIFICATIONS

• Bachelor's degree in business, computer information systems, management information systems, computer science or cybersecurity preferred.
• In lieu of degree, eight (8+) plus years of relevant experience.
• Five (5+) plus years of IT experience with increasing responsibility.
• Four (4+) plus years of experience in IT audit, compliance, and risk management.
• Experience working in a large, integrated international corporation.
• Expertise in frameworks or legal standards such as COBIT, NIST 800-53 and 800-171, HIPAA, PCI, and GDPR.
• Knowledgeable about detecting hazards for automated controls.
• Experience developing, implementing, and administering vendor, supplier, and other 3^rd party security assessments.
• Experience working with ERP systems to detect problems, generate problems and reports, and remediate problems.
• Proficient in obtaining audit data from ERP systems and creating reports to satisfy audit requirements.
• Experience managing projects in a complex, decentralized IT organization.
• Working knowledge of Azure and AWS environments, especially GCC Moderate and High.
• Working knowledge of databases, DevSecOps, containers, development tools.
• Working knowledge of firewalls, wired and wireless networking, SIEM (XDR), end point management and security, VDI, and MFA.
• Comprehensive understanding of evaluating third-party SSAE 16 (SOC 1 and 2) reports and contracts to ensure that third-party vendors and partners have effective internal control programs and identify all risks they might present.
• Ability to collaborate well in a dynamic, fast-paced setting.
• Ability to balance a variety of resources, deadlines, and requirements while working on various tasks.
• Strong written and verbal communication skills, including the capacity to speak with business partners in an effective manner regarding IT compliance and cyber risks.
• Must obtain and maintain any necessary security access and/or background checks. (U.S. citizenship required)

DESIRED QUALIFICATIONS AND & SKILLS

• Eight (8 +) plus years of experience in growing IT roles.
• Experience supporting internal and external audits, and a variety of projects and strategic initiatives across the business.
• Experience supporting a US government contracting agency.
• Experience in complex business processes and technological risks.
• Professional certification(s).
• Self-motivated and highly driven with keen attention to detail and reporting requirements.

WORK SCHEDULE

Full-Time. May be required to work additional hours as needed to complete assignment or project.

TRAVEL

The expected travel time is less than 25%.

DRIVING REQUIREMENTS

Must have or be able to attain a valid state driver's license and be insurable on the company's automobile insurance policy. Driving, with or without accommodation, may be required when traveling for training and/or short occasional amounts of local driving. The expected driving time is less than 25%.

WORK ENVIRONMENT

Work is performed in a hybrid setting. Employee will work remotely and, in an office setting in Orlando, FL. Employee will be exposed to a wide variety of people in differing functions, personalities, and abilities.

PHYSICAL DEMANDS

Position consists of seeing up close and sitting for long periods of time, bending, stooping, crouching, and lifting up to 30 pounds. Frequently uses hands/fingers for manipulation of keyboard and mouse. It is Katmai Government Service's business philosophy and practice to provide reasonable accommodations, according to applicable state and federal laws, to all qualified individuals with physical or mental disabilities.

Compliance:

To be considered for this position, all applicants must apply on the company website,

We are a VEVRAA Federal Contractor

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to age, race, color,religion, sex, sexual orientation, gender identity or national origin, disability status, protected veteran status, marital status, familial status or any other characteristic protected by law.Preference will be given to Ouzinkie Shareholders, Descendants of Shareholders and Spouses of Shareholders in accordance with Title 43 U.S. Code 1626(g) and Title 42 U.S. Code 2000e - 2(i).

Executive Order 11246, as amended, protects applicants and employees from discrimination based on inquiring about, disclosing, or discussing their compensation or the compensation of other applicants or employees.