Join Netcracker Technology, a wholly owned subsidiary of NEC Corporation, to work for a forward-looking software company, offering mission-critical solutions to service providers around the globe. Our comprehensive portfolio of software solutions and professional services enables large-scale digital transformations, unlocking the opportunities of the cloud, virtualization and the changing mobile ecosystem. With an unbroken service delivery track record of more than 20 years, our unique combination of technology, people and expertise helps companies transform their networks and enable better experiences for their customers.

Position Summary:

The IT Compliance Analyst reports to the Director of Information Security & IT Compliance and is tasked to provide timely and quality service to ensure that IT security, privacy and compliance risks are adequately identified, communicated, mitigated and/or tracked for remediation. This position will support IT global risk and compliance projects, and contribute to the information security compliance program. 

Responsibilities include:

• Assist with the planning, execution and reporting of client audits, attestations and regulatory requirements across the globe.
• Perform security risk assessments (SRA) according to the Netcracker Security Risk Assessment Framework.
• Support requirements gathering and design efforts of compliance projects as needed.
• Provide remediation recommendations and/or recommend alternate solutions to resolve exceptions to privacy and security standards and audits.
• Research and maintain knowledge base regarding information security issues, solutions and potential implications.
• Comprehend and communicate requirements, security standards, control deficiencies and their associated risks to management.
• Provide security governance and advisory services to business units and project teams while building and maintaining relationships.
• Maintain a continuous process improvement work environment and metrics reporting process while executing security risk assessments in accordance with industry standards and best practices.
• Communicate effectively orally and in writing and express conclusions and recommendations in a clear, technically sound manner. 

 Requirements:

• Minimum 3-4 years of hands-on technology risk, security and/or governance experience.
• Understanding of IT governance, information security policies, standards, industry best practices.
• Understanding of security/risk frameworks (e.g., ISO 27K, NIST 800 series, COBIT, etc.), regulatory compliance (e.g., SOX, SOC 1/2/3, PCI, etc.) and privacy (EU Data Protection, Binding Corporate Rules, Privacy Shield, etc.) regulations from a global perspective.
• CISSP, CISA, CISM or equivalent designation.
• Understanding of network security, OSI model and/or working within IT security is a plus.
• Experience using Risk Management tools is a plus.
• Demonstrated excellent written and communication skills.
• Demonstrated organizational skills with respect to time management and work production.
• Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.

 Education:

• Bachelor degree in Information Systems or related field or an equivalent combination of education and experience.