Project Specialist II provides professional and analytical support to program and project initiatives of complex nature with multiple dependencies. Candidate duties may include: performing research, analyzing moderate to highly complex information, developing and presenting recommendations to constituents, working with or overseeing the work of outside business partners, etc. Manages project timelines and objectives to completion. Bachelor's degree and 2-4 years related work experiencePlan, execute, review and lead information technology compliance and governance initiatives, primarily in the areas of National Security Agreement, NY Department of Financial Services part 500, and the California Privacy Act.
Develop and implement a governance and control framework to monitor IT production environments for potential system integrity exposure and control weaknesses. Identify various risks (e.g., financial, operational, compliance) to the organization and make recommendations for corrective actions/mitigation of risks. Evaluate complex information systems and controls, report findings to management, and communicate recommendations for corrective actions. Assist in the development of a new compliance and governance program specific to clients compliance with NY DFS part 500 and CA Privacy law.
Requires clear, concise written and verbal communication skills with technical teams, non-technical teams, and translation between both.The individual will work with process owners at all levels to develop solutions to close issues related to non-conformance findings. Demonstrated expertise in relevant areas which include, but are not limited to, Network Security, Network Administration, System Administration, Application Security and Consultancy, System Integration, Auditing, or any special skills. This individual will assist in the creation of a NY DFS vendor risk assessment and validation capability and define CA privacy compliance and audit project requirement and validation methods. Preferred: CISSP, CIPP and/or CISA, or equivalent experience.This individual should be familiar with governance and risk management programs.
Able to work with various stakeholders to define and document control and testing methodologies. Preferred: One or more of the following certifications: CISSP, CIPP and/or CISA, or equivalent experience. Previous background in IT Security, architecture, data, development, database technologies, data loss prevention vendor risk management or development is a plus. Also a plus: proficiency in data manipulation and analysis (e.g.
deep Excel expertise, including pivot tables).Local candidates only. Not a driving position. This is a possible temporary to permanent position.