IS Compliance Specialist

Hyphen have a fantastic opportunity for an IS Compliance Specialist to work for a large Utilities client of ours based in Solihull on a 4 month contract.

The successful candidate will be responsible for conducting compliance assessments and for identifying related risks. You will have experience in evaluating IT General Controls, Access Controls and Change Management.

Duties:
- Develop and execute clearly written test plans based on control objectives in a repeatable manner
- Ensure compliance with established internal control procedures by examining records, reports, operating practices, and documentation
- Verifies the design and effectiveness of controls to secure information system assets, including people processes and technologies
- Complete work papers by documenting compliance assessments and findings clearly articulating test methodology and steps taken
- Prepare regular status reports for internal management
- Communicate findings by preparing a final report; discussing findings with auditees and documenting results
- Communicate findings with the IS risk team to coordinate findings, develop action plans based on risks and confirm that appropriate steps are taken to close out findings
- Ensure controls support Compliance with International, Federal, State, and local requirements enforcing adherence and advising management on needed actions
- Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional societies.
- Contributes to team effort by accomplishing defined objectives
- Support IS Internal and External audit teams by coordinating requirements
- Work with Third Party Service Providers to evaluate control design and operating effectiveness
- Work with internal Stakeholders, including regulatory, legal and IS to build and maintain relationships and deliver value

Key Skills/Experience Required:
- Strong IS Audit Experience
- CISA would be ideal
- CRISC would be ideal
- CISM would be ideal
- Archer GRC would be beneficial
- Knowledge of assessing Third Part Service Providers and associated risks
- Understanding of SSAE 16, ISAE 3402, SOC 1, SOC 2 and AUP reports and principles
- Understanding of SAP systems and controls, including basis and technical components
- Strong Presentation Skills
- Knowledge of control frameworks (COSO, CobIT, ISO, UCF, NIST)

The above must be clearly highlighted in your CV for consideration

Hy-phen Limited is acting as an Employment Business in relation to this vacancy. The Adecco Group UK & Ireland is an Equal Opportunities Employer.