empty

IT Security Compliance Analyst

CARFAX

Job Description

Posted on: 
November 25, 2024

Summary and company overview

Join Team CARFAX as an IT Security Compliance Analyst

Isn't it time you bragged about where you work? At CARFAX, we do, every day. We pride ourselves on being mission-focused on helping to grow a brand built on accuracy and integrity. We care deeply about our products and our customers. We’re more than just a company: We help millions of consumers make more informed decisions every day. We know that our teammates are our most valuable asset, and we value a balanced life while tackling challenging projects in a fast-paced environment.

The IT Security Compliance Analyst is responsible for ensuring that the organization’s information systems and practices comply with applicable regulatory requirements, industry standards, and internal policies. This role involves assessing security controls, evaluating risk, conducting audits, and providing recommendations for improving the security posture of the organization. The IT Security Compliance Analyst works closely with various departments to ensure that compliance requirements are understood and met.

At CARFAX, we believe in the power of teamwork and value in-person interactions so that we can collaborate and thrive together. This position will require 3 days per week in our Columbia, MO office subject to change with future business needs.

About CARFAX

CARFAX, part of S&P Global Mobility, helps millions of people every day confidently shop, buy, service and sell used cars with innovative solutions powered by CARFAX vehicle history information. The expert in vehicle history since 1984, CARFAX provides exclusive services like CARFAX Used Car Listings, CARFAX Car Care, CARFAX History-Based Value and the flagship CARFAX® Vehicle History Report™ to consumers and the automotive industry. CARFAX owns the world’s largest vehicle history database and is nationally recognized as a top workplace by The Washington Post and Glassdoor.com. Shop, Buy, Service, Sell – Show me the CARFAX™. S&P Global Mobility is a division of S&P Global (NYSE: SPGI). S&P Global is the world’s foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets.

Responsibilities

  • Conduct regular security assessments and audits to ensure compliance with regulatory requirements and internal policies.
  • Monitor and document compliance with standards such as NIST, PCI-DSS, SOX, SOC2 and other relevant frameworks.
  • Manage internal and external security assessments and risk analysis; while identifying, assessing, and documenting information security risks and recommend mitigation strategies.
  • Assist in the development, review, and maintenance of IT security policies, standards, and procedures to address compliance requirements.
  • Assist in the investigation of security incidents and breaches to ensure compliance with relevant regulations and standards.
  • Develop and deliver security compliance training programs and materials to ensure employees are aware of their responsibilities.
  • Work with cross-functional teams, including IT, legal, HR, finance, and business units, to address compliance issues and support business objectives.
  • Prepare and deliver compliance reports and presentations to management and relevant stakeholders.

Job Requirements

Required Qualifications:

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Business, or a related field.
  • Minimum of 3-5 years of experience in IT security, compliance, audit, or a related field.
  • In-depth knowledge of regulatory requirements, industry standards, and best practices related to information security and compliance.
  • Strong analytical, problem-solving, and critical-thinking skills.
  • Excellent written and verbal communication skills, with the ability to articulate complex compliance issues to diverse audiences.
  • Detail-oriented with strong organizational and project management skills.
  • Ability to work independently and as part of a team in a fast-paced environment.

Preferred Qualifications:

  • Professional certifications such as CISSP, CISA, CRISC, CISM, or equivalent preferred.
  • Proficiency with compliance management tools and technologies.

Additional commentary

  • Competitive compensation, benefits and generous time-off policies
  • 4-Day summer work weeks and a winter holiday break
  • RRSP matching
  • Annual bonus program
  • Casual, dog-friendly, and innovative office spaces
  • For a comprehensive list of benefits, please visit our website: https://jobs.jobvite.com/carfax/p/benefits

Don’t just take our word for it:

  • 10X Virginia Business Best Places to Work
  • 10X Washingtonian Great Places to Work
  • 9X Washington Post Top Workplace
  • 3X Louis Post-Dispatch Best Places to Work

CARFAX is an Affirmative Action/Equal Opportunity Employer. It is the policy of CARFAX to provide equal employment opportunity to all persons regardless of race, color, sex, pregnancy, religion, national origin, age, ancestry, citizenship status, veteran status, military status, disability or handicap, sexual orientation, genetic information or any other status protected by federal, state or local law. In addition, CARFAX will provide reasonable accommodations for qualified individuals with disabilities. We maintain a drug-free workplace. We are a participant in E-Verify.

Summary and company overview

Join Team CARFAX as an IT Security Compliance Analyst

Isn't it time you bragged about where you work? At CARFAX, we do, every day. We pride ourselves on being mission-focused on helping to grow a brand built on accuracy and integrity. We care deeply about our products and our customers. We’re more than just a company: We help millions of consumers make more informed decisions every day. We know that our teammates are our most valuable asset, and we value a balanced life while tackling challenging projects in a fast-paced environment.

The IT Security Compliance Analyst is responsible for ensuring that the organization’s information systems and practices comply with applicable regulatory requirements, industry standards, and internal policies. This role involves assessing security controls, evaluating risk, conducting audits, and providing recommendations for improving the security posture of the organization. The IT Security Compliance Analyst works closely with various departments to ensure that compliance requirements are understood and met.

At CARFAX, we believe in the power of teamwork and value in-person interactions so that we can collaborate and thrive together. This position will require 3 days per week in our Columbia, MO office subject to change with future business needs.

About CARFAX

CARFAX, part of S&P Global Mobility, helps millions of people every day confidently shop, buy, service and sell used cars with innovative solutions powered by CARFAX vehicle history information. The expert in vehicle history since 1984, CARFAX provides exclusive services like CARFAX Used Car Listings, CARFAX Car Care, CARFAX History-Based Value and the flagship CARFAX® Vehicle History Report™ to consumers and the automotive industry. CARFAX owns the world’s largest vehicle history database and is nationally recognized as a top workplace by The Washington Post and Glassdoor.com. Shop, Buy, Service, Sell – Show me the CARFAX™. S&P Global Mobility is a division of S&P Global (NYSE: SPGI). S&P Global is the world’s foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets.

Apply now