IT Compliance Analyst
IT Compliance Analyst, IT Risk Management
Have you ever had the opportunity to impact the lives of millions of people in a meaningful way and help them enjoy time away with their friends and families building memories? That’s what we do here at HomeAway.com, an Expedia Inc. company. We are the leading vacation rental website in the world with more than one million online bookable vacation rentals. Our mission is to make every vacation rental in the world available to every traveler in the world through our online marketplace and we're committed to helping families and friends find the perfect vacation rental to create unforgettable travel experiences together.
Job Summary:
Reporting to the IT Risk Manager, the IT Compliance Analyst will aid in oversight of HomeAway compliance programs including SOX, SSAE 16/18, and PCI-DSS. The right candidate will work closely with compliance team leads and different departments to help execute, design, and improve IT control frameworks and IT security best practices. These activities include risk assessments, operational process reviews, quarterly logical access audits, and policy review and enforcement. The role will support IT risk management processes to improve the overall risk management program through implementation of tooling and solutions allowing for automation and scalability.
Job Responsibilities:
Facilitate adherence to compliance standards by supporting team leads in coordination of external audits, control assessments, and scoping exercises
Perform IT-focused risk assessments for major IT projects and processes within the organization. The risk assessment process includes obtaining risk owner acknowledgement and tracking to mitigation.
Identify inconsistencies and gaps within business and IT processes and collaborate with stakeholders to clarify and simplify complex processes in order to remediate gaps
Provide guidance to the IT organization related to compliance, policy, and security requirements
Participate in providing automation of controls and real-time exception-based auditing
Produce high quality documentation and support guidance with facts and evidence
Effectively build and manage trusted partnerships with internal collaborators through knowledge, consistency, and quality of work
Research and remain up-to-date on IT risk management practices
Qualifications:
Bachelor’s Degree and at least 3 - 5 years of experience in an information security environment, with knowledge of control frameworks including SANS Top 20 Security Controls, COBIT, IT general controls, and PCI-DSS
PCI ISA/QSA certification or experience preferred
Knowledge of cloud environments and technologies preferred
Must effectively deal with rapid technological and business changes while maintaining enthusiasm, displaying sound judgment, and being a solutions provider
Willingness to self-learn new technologies and tools
Ability to work in and understand scenarios at both the process and technical levels
Highly proficient in verbal and written communication
Highly motivated self-starter
Must have the ability to work independently
Benefits:
Great Medical & Dental Plans
Highly Competitive salary
Target annual bonus
Company stock (RSUs)
Employee Stock Purchase Plan
4 weeks paid vacation
Ability to work up to two weeks in any of our offices around the world on a yearly basis
Free drinks & snacks
Weekly company update talks with our leadership team
Free listing on HomeAway.com
Stand up desk
Casual dress code