Compliance Analyst

North Texas Tollway Authority


Date: 4 days ago
City: Plano, TX
Contract type: Full time

Summary

The Compliance Analyst will help define and support the compliance programs that support the Authority's security posture. Extensive team interactions relating to technical, procedural, and documentation controls, with a wide range of technology-based functions and business groups, will be required for problem-solving, tracking, and reporting of compliance gaps to closure and final resolution.

  • Pay Range: $82,338 - $108,340 - $140,842***
  • Retention Bonus: $1500***

Responsibilities

  • Improves, documents, and ensures compliance with the authority’s information security/compliance program.
  • Monitors key elements of the Payment Card Industry Data Security Standard (PCI DSS) compliance program.
  • Serves as the resource for preparation of all internal and external IT-related audits/assessments.
  • Leads or supports the security and compliance assurance process. Works with various teams to ensure that the secure development process and vulnerability remediation conform to requirements. Maintains and provides a monthly status report for management review.
  • Consults with stakeholders/project leads on requirements for new and existing business / technology solutions to assure compliance to PCI DSS, internal standards and governing policies and procedures.
  • Designs and acts as technical program lead to track and report on compliance of all systems and processes in scope of PCI compliance to technical standards.
  • Coordinates and documents compliance/internal control activities, ensures compliance with policies and procedures, and escalates exceptions to management.
  • Facilitates assessment of and compliance with information security, regulatory and data privacy requirements.
  • Acts as a subject matter expert for the organization's information asset protection policies and procedures, and information technology best practices.
  • Administers controls and reviews their application to ensure that the system's controls, policies, and procedures are operating effectively relative to the predicted effectiveness of the controls.
  • Leads, or plays a lead technical role in, efforts to assess vulnerabilities and threats to the organization, critical data, and information systems.
  • Reviews vulnerability scanning reports and monitors remediation activity status.
  • Monitors alerts from security monitoring tools and other security event management sources, and drives timely remediation of issues.
  • Responsible for coordinating the deployment of required training for compliance programs.
  • Coordinates deficiency remediation efforts with control owners and monitors progress.
  • Coordinates incident response related activities to manage risks.
  • Identifies applicable IT general controls and milestones, and coordinates required tasks.
  • Leads/assists in scheduling and conducting procedural and regulatory compliance audits.
  • Continually evaluates, optimizes, and ensures compliance for network and information security environments.
  • Evaluates and leads efforts to develop and implement/enhance control procedures and programs for system and business processes to support compliance efforts.
  • Reviews processes, standards, and technology to ensure the effectiveness of security controls to meet compliance requirements.
  • Leads efforts to plan and monitor systems and business exercising and testing for controls and compliance.
  • Leads or conducts initiatives to ensure that controls and processes are operating effectively and efficiently.

Qualifications

Minimum:

  • Associate’s degree
  • 3 – 5 years’ experience

Preferred

  • Bachelor’s degree in a technology-related field
  • One or more advanced certifications in information security (e.g., GSEC, GCWN, GCED, GCIA, GCIH, GCFA, GPEN, CISSP, etc.).
  • 4+ years working in compliance, information security, or internal audit covering one or more of the following: ISO 27001, PCI, NIST 800-53, ISO 9001, NERC CIP or SSAE16 compliance programs.
  • Experience managing and maintaining compliance within large organizations and distributed environments.

About NTTA: NTTA is a political subdivision of Texas created to acquire, construct, maintain and operate toll roads in North Texas. As a customer-driven organization, NTTA delivers a safe and reliable toll system for millions of customers each year in one of the fastest growing regions in the United States. NTTA is a vibrant organization with a highly qualified, energized and engaged team focused on achieving Excellence and we are looking for talented individuals to join us.

Our mission: We are committed to providing a safe and reliable toll road system, increase value and mobility options for our customers, operate the Authority in a businesslike manner, protect our bondholders, and partner to meet our region's growing need for transportation infrastructure.

How To Apply

Click Apply. Register or log-in to your account. Complete the application in its entirety, including any questions, and click Submit.

If you have questions about the application process, please access our Frequently Asked Questions.

At any time during the application process, you can click on the Job Title to which you are applying to return to this page to access the FAQs.

Refer your Family and Friends to apply at https://careers.ntta.org

NTTA is an Equal Opportunity Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability or veteran status.
