Cybersecurity Compliance Associate

at  Publicis ReSources Global

Company Description
Re:Sources is the backbone of Publicis Groupe, the world’s third-largest communications group. Formed in 1998 as a small team to service a few Publicis Groupe firms, Re:Sources has grown to 4,000+ people servicing a global network of prestigious advertising, public relations, media, healthcare and digital marketing agencies. We provide technology solutions and business services including finance, accounting, legal, benefits, procurement, tax, real estate, treasury and risk management to help Publicis Groupe agencies do what they do best: create and innovate for their clients.
In addition to providing essential, everyday services to our agencies, Re:Sources develops and implements platforms, applications and tools to enhance productivity, encourage collaboration and enable professional and personal development. We continually transform to keep pace with our ever-changing communications industry and thrive on a spirit of innovation felt around the globe. With our support, Publicis Groupe agencies continue to create and deliver award-winning campaigns for their clients.
Job Description
The Cybersecurity Compliance Associate provides IT compliance guidance and consulting to team members and stakeholders across the Publicis Groupe agencies to ensure compliance is met with the information security policies and governmental and industry regulations. This position is responsible for supporting complex compliance programs as a key member of Publicis Re:Sources – Global Security Office (GSO). This position works directly with technical and business leadership teams to ensure security and compliance requirements are maintained. Good project management, written, and technical skills are required.

QUALIFICATIONS

• Associates or Bachelors degree required
• Minimum 3 years of experience in Security, Risk, and Compliance
• This role recommends one or more active certifications in any of CISSP, CRISC, CISA, CISM or other relevant information security, compliance or audit certifications
• Experience in applying SSAE-18 or PCI audit requirements to business and technical environments while providing a service-oriented leadership approach to maintaining compliance
• Familiarity with Information Security, Compliance & IT Management Standards; ISO27001, PCI-DSS, SSAE-18 SOC 1/2/3, SOX, HIPAA, Privacy, and NIST-CSF
• Understanding of technology frameworks, including NIST CSF and ISO 27001
• Experience supporting security controls, compliance and audit activity within a service provider organization with multiple technologies and architectures; Windows, Unix/Linux, VMWare, Oracle, SQL, IPS/IDS, DLP, and other security technologies
• Project management skills
• Proficiency with Microsoft Office software, Excel (intermediate to advanced), Word, PowerPoint, Visio, and SharePoint
• Experience and detailed understanding of technology, regulations, and information security or compliance management best practice, processes or methods.
• Technical aptitude, with the ability to effectively communicate with a working knowledge of all areas of IT controls.
• Proficiency in Power BI (preferred)
• Experience in ServiceNow
• Strong understanding of business applications
• Knowledge of network infrastructure
• Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues
  Additional Information

• Manage and support multiple ISMS audits or assessments, including ISO 27001 external audits
• Risk scoring and analysis of security risk within the organization
• Refine assessment templates and perform related security assessments in compliance with regulatory/compliance frameworks
• Collect audit evidence from IT teams and validate clear and appropriate details are included prior to submitting to external auditors