Become familiar with SOC audit and security compliance requirements to effectively communicate DXC security standards and SOC audit requirements (e.g., SSAE 18, ISAE 3000, ISAE 3402) as needed to help DXC teams achieve successful audit outcomes.
- Understand in-country regulatory requirements with regards to sharing of data internal and external to DXC.
- Develop a compliance verification strategy in collaboration with DXC teams.
- Analyze and proactively plan and communicate changes within control environments for the assigned control area(s), to identify, evaluate, and address risks and impact to the SOC audits, DXC teams and internal organizations.
- Serve as the primary point of contact for questions related to the assigned control area(s) managed for SOC audits.
**Responsibilities include**:
- Creates and updates audit plans, manages control procedures.
- Plans and executes internal information security assessments and audit engagements.
- Improves audit experience for DXC teams and customers by providing timely and accurate audit guidance and supporting audit evidence.
- Verifies compliance with security policies.
- Performs internal risk analysis and creates remediation plans to ensure compliance.
- Manages audit activities and understanding audit requirements.
**Job Requirements, Essential**:
- Previous auditor experience with an auditing firm is a strong plus.
- Experience with emphasis in information technology, information security, regulatory or other compliance management.
- Excellent understanding of project management principles.
- Experience with risk management techniques.
- Knowledge of regulatory and assurance compliance requirements (such as ISO 27001, SSAE 18 (SOC 1 & 2), HIPAA/HITECH, PCI, and/or Data Privacy).
- Excellent communication skills; written and verbal.
- Team player.
- Experience with GRC tools (such as Archer) a plus.
**Qualifications**:
- 4-6 years equivalent experience in security, compliance, and data privacy.
- Bachelors or undergraduate degree or equivalent diploma, or combination of education and relevant experience.
- Skilled in planning, problem solving, analysis, collaboration, and communication.
- Strong organization skills to balance work and execute audit plans for complex systems in a highly matrixed organization.
- Proficient with Microsoft Office suite (Word, Excel, PowerPoint) & Share Point.
- Professional certifications such as PMP, CISA, CISM, CISSP, etc. a plus.