Sr IT Security Compliance Analyst

THIS JOB DESCRIPTION DOES NOT ATTEMPT TO LIST ALL OF THE DUTIES THAT ARE OR MAY BE PERFORMED IN THIS POSITION Primary Duties 1. Develops and implements goals, policies, and procedures to maintain internal controls. Validates the implementation of control requirements and appropriate information technology (IT) policies and procedures. 2. Develops and administers compliance reviews, including user access reviews and security activity reviews, to evaluate the effectiveness of general controls and operating processes. Conducts regular reviews of elevated access accounts and segregation of duties. Monitors, updates, and reports metrics related to compliance-related controls effectiveness. 3. Assists in the determination of gaps in system design or controls. Provides recommendations for remediation and implementation of migrating controls. 4. Executes compliance/audit activities assigned in relation to Sarbanes Oxley (SOX), IT Control Framework, Payment Card Industries (PCI), relevant cybersecurity frameworks, and other regulatory and/or compliance requirements. Produces appropriate artifacts including documents, presentations, and remediation plans. 5. Participates in internal/external audit engagements and third-party business reviews. Tracks audit and risk assessment findings and ensures adequate and timely resolution of all identified issues. Provides consultation and subject-matter expertise on critical aspects of external and internal audit initiatives. 6. Responsible for performing first cut vulnerability analysis assessments. E.g, review vulnerability assessment reports, meet with team to validate findings, explain findings along with security engineering, and track the finding remediation progress. 7. Reviews and respond to incidents and problems to collect metrics, recommend and support the implementation of solutions, and suggest process improvements. Conducts root cause analysis. Prepares, collects and analyzes related materials and documentation in conjunction with information security projects and daily operations. MINIMUM REQUIREMENTS Educational/Experience Level: Bachelor's degree in Computer Science or a closely related field and four years related experience in IT SOX Compliance, audit or a related field; or equivalent. Communication Skills: Requires the ability to communicate (both oral and written), and the skills to inform, persuade and/or influence internal and/or external customers and senior management on matters of a technical and/or complex nature. Numeric Skills: Requires the ability to perform analyses involving ratios, percentages, and simple statistical methods. Computer Skills: Requires advanced knowledge of various software applications for creating documents, reports and/or graphics. Work Conditions: Works in an office environment. Requires occasionally performing activities including, but not limited to, bending, stooping, grasping, reaching, twisting, turning and/or lifting. Atmos Energy Corporation is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, or veteran status.

Job Family:

Infrastructure