Compliance Consultant (SRO)
Cyberjaya, Malaysia; Job ID R63755; Date posted May. 03, 2019
The Dell Security & Resiliency Organization (SRO) manages the security risk across all aspects of Dell’s business. We are currently experiencing incredible growth in order to meet the security needs of the world’s largest technology company. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career.
Dell is a worldwide provider of information technology services and business solutions to a broad range of clients. We seek men and women who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success.
We are currently seeking a Compliance Consultant to join our Security & Resiliency team, based in the APJ region. This is a senior role with responsibility for enhancing our existing compliance programs.
- Engage in continuous partnership with other departments in the Security & Resiliency Organization and business units within Dell to build/maintain/manage relationships across all key stakeholders to support overall SRO objectives and strategy.
- Define clear expectations and processes for the performance and evaluation of compliance of the different lines of business with security-relevant standards and requirements.
- Streamline and coordinate control testing activities across multiple business units and locations, and oversee controls testing aligned with Dell's internal controls framework. Activities include scoping, evidence gathering, gap analysis, remediation/mitigation coordination, management reporting, and work paper documentation and submission.
- Align controls to industry standard frameworks.
- Provide subject matter expertise to stakeholders and business partners.
- Assist the Security & Resiliency Organization with the development and implementation of an Information Security Management System.
- Produce board, executive and management-level reporting metrics, materials and dashboards.

The following are the minimum qualifications the ideal candidate would possess.

- A minimum of 8 years' compliance experience is required.
- Proven experience performing security control assessments utilizing established industry frameworks (ISO 27001, PCI, COBIT, NIST).
- Documented knowledge of or “hands on” experience with reviewing the effectiveness of controls over key IT risks, identifying significant exposures, and evaluating control effectiveness.
- In-depth knowledge of cybersecurity and information technology systems terminology, concepts, and practices.
- Verifiable experience in negotiating issues and resolving problems.
- Demonstrated advanced skill in communicating complex information clearly in a presentation setting.
- Verifiable experience in influencing a broad spectrum of stakeholders toward achieving goals:
  - Building consensus
  - Developing and maintaining productive relationships through individual contacts and group meetings
  - Ensuring understanding of technical matters by nontechnical decision makers
- Verifiable experience in planning and project management, and in maintaining composure under pressure while meeting deadlines.
- Experience prioritizing daily effort by operational and project objectives:
  - Managing multiple assignments and processes
  - Working autonomously with limited supervision and guidance
  - Independent determination of approach to projects
- Undergraduate or Graduate degree in Information Technology, Information Security and/or Accounting Information Systems.
- Minimum 10 years of full-time relevant business experience.
- 3-5 years at one of the ‘Big Four’ auditing/consulting firms is an advantage.
- Industry certification such as: CISA, CISM, PCI ISA/QSA, CISSP.
- A team player capable of embracing the Company’s culture of high standards related to privacy, ethics and compliance principles.