• Prepare, plan, conduct, and report on results of IT Compliance assessments in accordance with industry best practices and established regulatory standards (NIST SP800-53, SP800-115, SOX, NERC CIP v5).
• Perform other tasks as necessary to ensure that the Compliance meets its commitments to customers
• Obtain, review, and interpret organizational IT policies, standards, and procedures to identify control points that would assist in mitigating risk to the business.
• Review test results or interpret evidence to address vulnerabilities, gaps, or control deficiencies; work with stakeholders to establish plans for sustainable resolution.
• Identify risks associated with control failures and supports the identification of mitigating controls.
• Engage management in discussion about creative, efficient, and effective was to improve internal control environment
• Partner with control owners to ensure control documentation is updated periodically to reflect curre...