HireRight is the premier global background screening and workforce solutions provider. We bring clarity and confidence to vetting and hiring decisions through integrated, tailored solutions, driving a higher standard of accuracy in everything we do. Combining in-house talent, personalized services, and proprietary technology, we ensure the best candidate experience possible. PBSA accredited and based in Nashville, TN, we offer expertise from our regional centers across 200 countries and territories in The Americas, Europe, Asia, and the Middle East. Our commitment to get it right every time, everywhere, makes us the trusted partner of businesses and organizations worldwide
Overview:
This role reports to the Senior Director, Governance Risk & Compliance and will primarily conduct cyber security audits and assessments that help ensure that the organization is compliant, and ready for, certification of its security program. This is a position that requires strong communication and relationship building skills, as well as patience and attention to detail.
Responsibilities:
Prepare and conduct internal audits of the Information Security Management System (ISMS) and Privacy Information Management System (PIMS) in accordance with ISO 27001 and ISO 27701 requirements to support readiness for external audits.
Develop and maintain an annual audit plan covering planned operational, ISMS, and PIMS internal audits.
Track, monitor, and follow up on remediation actions resulting from internal audits, including those from both prior and current audit cycles, to ensure timely and effective closure.
Perform periodic fraud risk assessments to identify, evaluate, and document potential fraud risks and control gaps.
Review, update, and maintain internal information security policies on an annual basis to ensure ongoing alignment with regulatory, ISO, and organizational requirements.
Continually reviews and improves the assessment methodology, process, and procedures.
Work closely with partners in technology or other departments to identify, prioritize and remediate security compliance issues.
Performs ad-hoc compliance requests or additional duties as assigned
Qualifications:
BS, BA in Information Technology, Computer Science or other related Business/Technology/Analytical studies
Security+, CISA, CIPP, ISO 27001 or similar certification a plus
Prior experience with cyber security, privacy, governance, risk & compliance (GRC), internal audit or other similar function
Knowledge of ISO27001, ISO27701, or SOC2 Type II preferred.
Experience interpreting industry and regulatory requirements and authoring supporting controls.
Experience performing third party assurance assessments; AuditBoard, OneTrust or similar platform experience a plus
Excellent client relationship and customer service skills, with a clear client focus. Note: nearly all customer facing interactions will require English proficiency in writing and speaking.
Strong Project Management Skills
High degree of independence and exceptional work ethic with a team player
Familiarity with core IT and Information Security Technologies
Exceptional interpersonal, written and oral communication skills
What do we offer:
HireRight offers a competitive benefit package which includes:
Medical
Dental
Vision
Paid Life/AD&D Insurance
Voluntary Life Insurance
Short & Long Term Disability
Flexible Spending Accounts
401K
Generous Vacation and Sick Program
10 Paid Holidays
Education Assistance Program
Business Casual Attire
Generous Referral Program
Employee Discounts and Rewards
And much more!
All resumes are held in confidence. Only candidates whose profiles closely match requirements will be contacted during this search.
HireRight, LLC is an Equal Opportunity Employer
Minorities / Females / Veterans / Disabilities
HireRight does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of HireRight and HireRight will not be obligated to pay a placement fee
This job description in no way states or implies that these are the only duties to be performed by a team member’s occupying this position. Team members may be required to perform other related duties as assigned, to ensure workload coverage. Team members are required to follow any other job-related instructions and to perform any other job-related duties requested by their supervisor. This job description does not constitute an employment agreement between the employer and team member and is subject to change by the employer as the organizational needs and requirements of the job change. This job description is subject to change at any time.