Information System Auditor
Current• Responsible for the planning, preparation and pre-assessment exercises related to PCI-DSS version change to version4.• Responsible for translating regulatory and compliance requirements for critical business operations into actionable project activities• Provide oversight and assist coordinating activities such as internal and external IT audits and IT compliance activities including SOC 1&2, PCI DSS, SSAE 18, HITRUST, and HIPAA• Conduct and oversee continual internal assessments to ensure compliance is maintained• Monitor and assist with IT governance including researching compliance frameworks as the environment changes, creating and/or updating corporate policies, standards, and procedures• Assess compliance and operational risks• Collaborate with other non-IT compliance organizations (Human Resources, Finance, Development, others) for organizational compliance requirements• Responsible for the administrating and maintaining the organizations Governance, Risk and Compliance (GRC) tool including building control objective templates aligned to compliance goals (SOC, PCI, etc), creating, assigning and tracking tasks• Responsible for evidence collection and review to ensure adherence to compliance objectives• Provide oversight of all identified control vulnerabilities• Coordinate, track and report control finding and observation remediation efforts• Lead the organization through successful HITRUST certification • Maintained SOC/PCI/EHNAC certification status