- Interprets compliance requirements (SOX, GDPR, etc.) to address current and future compliance and security obligations.
- Defines control and process requirements necessary to meet regulatory, legal, and security policy compliance obligations.
- Evaluates, monitors, and ensures compliance with Cybersecurity policies, standards, guidelines and relevant legal and regulatory requirements.
- Participates in cross-functional work groups to promote ideal solutions that meet the objectives of both the business and the Cyber Risk Management team.
- Define and operate a control monitoring program to continuously measure application of controls across the environment.
- Develops internal control testing and documentation requirements to evaluate the performance of controls.
- Updates internal control matrices to support changes in the control environments.
- Conduct periodic internal assessments or audits of IT systems, applications, platforms, and operating processes to ensure compliance is maintained.
- Coordinate regular end-user security education, awareness, training, and engagement campaigns.
- Provide metrics and insights periodically to improve the security awareness training activities.
- Coordinate remediation of compliance, control, and security audit related findings.
- Create risk remediation plans with control owners and follow through on the implementation of changes.
- Coordinate external audit activities with internal resources.
- 5+ years of experience in security controls assessment and compliance management.
- Experienced in policy creation, security control definition, and security governance processes.
- Highly collaborative with ability to articulate ideas and influence peers and senior leaders.
- Develops and maintains internal and external business relationships and leverages those relationships in pursuit of goals and responsibilities.
- Ability to work independently on tasks and take ownership of projects.
- Strong analytical and critical thinking skills, and excellent written and oral communication & presentation skills.
- Preferred certifications – CISSP, CISA
Circle K is an Equal Opportunity Employer.
The Company complies with the Americans with Disabilities Act (the ADA) and all state and local disability laws. Applicants with disabilities may be entitled to a reasonable accommodation under the terms of the ADA and certain state or local laws as long as it does not impose an undue hardship on the Company. Please inform the Company's Human Resources Representative if you need assistance completing any forms or to otherwise participate in the application process.