Cyber Risk and Compliance, Senior Analyst

Company

Cox Communications, Inc.

Job Family Group

Information Technology

Job Profile

Cyber Risk & Compliance Sr Analyst

Management Level

Individual Contributor

Flexible Work Option

Hybrid - Ability to work remotely part of the week

Travel %

No

Work Shift

Day

Compensation

Compensation includes a base salary of $88,300.00 - $147,100.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate’s knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.

Job Description

The Cyber Risk & Compliance Sr Analyst will report to the Sr Manager, Cybersecurity. As a member of the compliance team, you will contribute to compliance and governance activities related to multiple frameworks including SOC 2, PCI-DSS and NIST 800-53. The ideal candidate brings a strong understanding of security controls, control design and operating effectiveness testing to the team to facilitate gap assessments, assist with security controls implementation activities, and contribute to enhance the overall compliance and cybersecurity program. The right candidate has a proactive mindset and exhibits accountability for projects and tasks while driving actions across multiple teams. Strong written and verbal communication abilities and exceptional interpersonal skills to promote compliance across teams to achieve results is a must to be successful in this role. The ideal candidate possesses a blend of general technology, security, and audit competencies with an emphasis on critical thinking, data analytics, and a natural desire to drive efforts to their conclusion.

Primary Responsibilities:

• Provide governance over internal assessments and external audits of compliance programs.

• Collaborate with cross-functional teams to ensure they are properly implementing and managing security controls, understand their operations, and ensure compliance with standards.

• Develop and maintain remediation plans alongside remediation owners, then track the remediation plans through completion.

• Monitor and enhance the controls needed to achieve and maintain SOC 2, PCI DSS, HIPAA, NIST 800-53, ISO 27001 or other compliance requirements. Perform controls testing for operating effectiveness.

• Manage changes to control frameworks that support our security compliance objectives.

• Maintain the tools and processes that keep our compliance monitoring going strong.

• Effectively communicate compliance project status, timelines, risk, remediation efforts to stakeholders and leadership.

• Help with the development of key reporting metrics and executive presentations to make sure there is always awareness and support of our compliance programs.

Qualifications and Experience:

Minimum

• Bachelor’s degree in a related discipline and 6 years’ experience in a related field. The right candidate could also have a different combination, such as a master’s degree and 4 years’ experience; a Ph.D. and 1 year of experience; or 18 years’ experience in a related field

• 4+ years of experience working in information security controls, information technology audit, or security risk management.

• Ability to communicate with a variety of different stakeholders, from peer team members all the way up to the executive level.

• Strong understanding and experience with information security technologies.

• Ability to adjust to multiple demands, changing priorities, and rapid change, while keeping a good attitude and multitasking effectively.

Preferred

• At least one relevant industry certification such as CISSP, CISM, CRISC, CISA.

• Subject Matter Expertise in a minimum of security frameworks such as SOC 2, PCI-DSS, HITRUST, HIPAA, ISO 27001, NIST 800-53, NIST Cybersecurity Framework.

• Understanding of security engineering principles.

• Professional services audit or consulting background a plus.

• Telecom/Cable industry experience a plus

Benefits

The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company’s needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, parental leave, and COVID-19 vaccination leave.

About Us

Cox Communications is all about creating moments of real human connection; and for employees, that’s true both in the workplace and in the problems we solve for customers. From building advertising solutions to unleashing IoT technologies to creating an exceptional experience for customers in our retail locations and online, we’re creating a world that is smarter and more connected. Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, visit our benefits page. Cox is an Equal Employment Opportunity employer – All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law. Cox provides reasonable accommodations when requested by a qualified applicant or employee with disability, unless such accommodations would cause an undue hardship.