Senior IT Compliance Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

Dallas Fort Worth International Airport (DFW) · 1 month ago

Senior IT Compliance Analyst

positionDFW Metroplex
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp

Dallas Fort Worth International Airport (DFW) is one of the most successful airports in the world, recognized for its innovation and excellence. They are seeking a Senior IT Compliance Analyst to work with the Technology Security and Compliance team to ensure regulatory compliance and protect the Board's information assets. The role involves improving IT control frameworks, tracking assessments, and partnering with various departments to address security risks.

Airlines/Aviation

Responsibilities

Partners with senior management to improve internal IT control framework, including integration of multiple compliance requirements and standards such as PCI-DSS, CJIS and TSA’s Cyber and IT security through the Airport Security Program (ASP) across all existing and new enterprise applications, services, networks and users
Track internal and external control assessments, vulnerability reports, penetration reports, ASV scans, CJIS audits, internal and external audits, including remediation efforts
Partner with various IT groups and DFW departments to meet agreed upon timelines to address security risks in a timely fashion
Participate in regulatory compliance processes across the enterprise
Interacts with various business and IT groups to review, assess, and monitor compliance with various programs such as CJIS, PCI and HIPAA
Support the development, maintenance and updating of information security policies, processes and procedures
Assist in identifying and reporting risk areas and compliance issues to IT management, recommend cost effective remediation actions and continuously improve the control environment
Partner with the ITS Project Management Office (PMO) to create managed work and projects around cyber and IT security compliance efforts
Partner with departments and application owners to proactively coordinate the creation and collection of required disaster recovery planning perquisites (Risk Assessments, BIA’s, Run Books, Diagrams, Assets, Resources, Dependencies and Test Plans)

Qualification

PCI complianceGovernanceRiskCompliance (GRC)Disaster Recovery PlanNIST Cybersecurity FrameworkCIS Version 7Security certificationsSingle Sign On (SSO)Multifactor Authentication (MFA)Privilege Access Management (PAM)EncryptionMicrosoft 365 solutionsPowerBI reportingDocuSignProject managementProblem-solvingConflict resolutionCommunication skillsOrganizational skills

Required

Bachelor's degree in computer science, business administration or related field
Five (5) years of experience in risk management, governance, information technology or compliance
Experience with PCI compliance and Disaster Recovery Plan development, testing and maintenance
Experience using and/or administering a Governance, Risk, and Compliance (GRC) enterprise platform and Disaster Recovery Assurance Application
Experience using Security-related (vulnerability, SSL tracking, etc.) platforms to gather information for compliance reporting
Any equivalent combination of education and/or experience may be substituted for the above on a year-for-year basis
Possession of a valid class C driver's license
Knowledge and experience in reviewing third-party security reports (SOC 1 & 2)
Knowledge of CIS Version 7 or 8, NIST Cybersecurity Framework and Shared Assessments
Knowledge of information security concepts, standards, frameworks and best practices
Knowledge of principles and procedures involved in handling sensitive data
Knowledge of Single Sign On (SSO), Multifactor Authentication (MFA), Privilege Access Management (PAM) and Encryption
Ability to communicate clearly and effectively, both orally and in writing, at all levels within and outside the organization
Ability to establish and maintain effective working relationships inside and outside the organization
Ability to evaluate and recommend preventative and corrective controls to mitigate risk to the Airport Board
Strong organization skills with the ability to handle multiple work streams
Skill in project management, problem-solving and conflict resolution
Skill in all Microsoft 365 solutions, PowerBI reporting, and DocuSign
High integrity and business ethics
Must obtain a Security Identification Display Area (SIDA) Airport Identification/Access Badge (badge) in accordance with Department of Homeland Security Transportation Security Administration (TSA) requirements in Chapter 49 of the Code of Federal Regulations Part 1500 et. Al. and DFW Airport's Airport Security Program within thirty (30) days from date of employment and maintain qualification for a SIDA badge upon each badge renewal

Preferred

Ability to work efficiently and independently with minimum supervision (self-motivated and willing to stretch to meet important deadlines)
General knowledge of CIS, ISO 27001, NIST 800-53 and other control frameworks
Familiarity with GRC and Data Protection Tools
Security certifications such as CIPP, CISA, Others
Business acumen to consider the implications of Information Security and Compliance to the current and future environment

Company

Dallas Fort Worth International Airport (DFW)

twitter
company-logo
DFW Airport, the 2022 Airport Service Quality (ASQ) winner for Best Airport that serves over 40 million passengers in North America by Airports Council International (ACI), warmly welcomes more than 72.2 million customers along their journey every year, making DFW one of the most frequently visited superhub airports in the world.
dateFounded in 1974
location
DFW Airport, TX, US
people-size1001-5000 employees
web-link
http://www.dfwairport.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Sean Donohue
CEO
linkedin
leader-logo
HR at Dallas Love Field
Aviation Partner
linkedin
Company data provided by crunchbase