What are the responsibilities and job description for the Senior Compliance Support Analyst position at WSP USA?
WSP is a global consulting firm assisting public and private clients to plan, develop, design, construct, operate and maintain thousands of critical infrastructure projects around the world.
Position Summary
Under the guidance of the SOC (Security Operations Centre) Compliance Manager, assist with analysis, mitigation, escalation and processing, including but not limited to the below.
Specific areas of responsibility may fall into any one of the following areas of Security Operations, as assigned by the SOC Compliance Manager or other SOC team Leaders, Managers or senior members.
· Lead the continuous improvement of the Global Information Security Management System (ISMS) in line with the applicable security and business requirements and regulations, ensuring that changes are approved and managed transparently with all stakeholders;
· Contribute to the ISO 27001 multi-site certification and other transversal programs;
· Monitor compliance with local and industry specific regulations (ISO27001, 52-109 ITGC, …) and participate in internal or external audits;
· Advise on the design of, and implement, Identity Governance and User Lifecycle Management processes/activities in line with the SOC projects;
· Perform ISO27001 gap assessments/implementation and internal audit activities;
· Design related processes documentation;
· Advise on, design and implement Information Security Frameworks for different compliance tasks/documentation review processes/ongoing internal or external audits;
· Support, collect and prepare the evidence required during compliance audit activities (external and internal);
· Design Security Awareness materials (procedures/presentations/training materials);
· Support, collect and deliver the analysis required for metrics and reporting dashboards.
The Global Senior Compliance Support Analyst will have multiple security-related roles within the organization. Their main goal will be to improve the existing computing environment and provide a more secure one in which the organization can conduct its business. The global security operations team will have overlapping duties; however, each role will have more specifically focused duties. As such, the role and essential duties will fit most closely into the classifications below.
They must learn how to prepare the requested documentation for the different Global SOC processes necessary for WSP compliance. They will actively support the SOC Managers in designing the requested documentation for different compliance processes (ITGC – IT General Controls, ISO 27001 – Information Security Management Process, Privileged Access Management, Vulnerability Management, Identity Governance, Integrated Organizations Compliance, Metrics and Compliance reports/dashboards).
Requirements:
Required
- Good communication skills and strong knowledge of spoken and written English.
- Technical background with a strong understanding of security concepts and practical usage.
- Proactively seeks to improve security processes and implements security solutions, raising security awareness and overall security measures.
- Ability to work efficiently with minimal oversight/direction remotely, adjusting to changing priorities, circumstances, and personal interaction styles.
- An academic degree in IT or IT Security
- Experience in working in transversal teams and business units across borders.
- 2 - 4 years in applying and improving corporate policies in line with security standards, regulations, and best practices (e.g., ISO 27k, NIST CSF, 52-109 ITGC…).
- Security certifications that evidence understanding of ISO 27k family standards or equivalent.
- 2 - 4 years’ experience in a similar role within a Global Organization.
- Experience in information security, risk, compliance.
- Solid knowledge of IT Governance frameworks such as COBIT, ISO 2700x, NIST, ITIL.
- During employment, solid knowledge of information security regulations applicable to WSP.
Preferred
- Certified or equivalent, i.e. ISO27001 Lead Implementer or Auditor, Security, CISSP, CISM, CISA, CRISC, …
WSP Benefits:
WSP provides a comprehensive suite of benefits focused on providing health and financial stability throughout the employee’s career. These benefits include coverage related to medical, dental, vision, disability, and life; retirement savings; paid sick leave; paid vacation (or other personal time); paid parental leave; and paid time off for purposes of bereavement, voting, and/or attendance at naturalization proceedings.
Compensation:
Expected Salary (all locations): $69,600 - $157,000
WSP USA is providing the compensation range that the company in good faith believes it might pay and offer for this position, based on the successful applicant’s education, experience, knowledge, skills, abilities in addition to internal equity and specific geographic location. WSP USA reserves the right to ultimately pay more or less than the posted range and offer additional benefits and other compensation, depending on circumstances not related to an applicant’s sex or other status protected by local, state, and/or federal law.
Expected Salary (Colorado only): $69,600 - $157,000
WSP USA is providing the compensation range that the company in good faith believes it might pay and/or offer for this position within the state of Colorado, based on the successful applicant’s education, experience, knowledge, skills, and abilities in addition to internal equity and specific geographic location. WSP USA reserves the right to ultimately pay more or less than the posted range and offer additional benefits and other compensation, depending on circumstances not related to an applicant’s sex or other status protected by local, state, and/or federal law.