ClevelandRecruiter Since 2001
the smart solution for Cleveland jobs

IT Privacy, Risk & Compliance (PRC) Analyst - remote

Company: Serta Simmons Bedding, LLC
Location: Cleveland
Posted on: January 16, 2022

Job Description:

Serta Simmons Bedding is proud to be one of North America's largest bedding manufacturers, and the company behind some of the best-selling brands including Serta, Beautyrest, Simmons and Tuft & Needle.
When you join Serta Simmons Bedding, you become part of our 220-year legacy of sleep solutions with endless opportunities to impact our future for centuries to come.
Once you're here, you'll be part of a winning company that invests and supports our team members' career journeys. We offer competitive benefits, job training, learning and development, and other employee perks such as our employee discount on all products.

  • Health, Dental, and Vision (starts on day one)
  • 401K with company match
  • Paid Time Off / Vacation
  • 12 company holidays
  • Sick days
  • Employee discounts
  • Referral Bonus
    SummaryThe IT PRC Analyst will participate and assist in supporting compliance and audit initiatives in the Data Privacy, Sarbanes-Oxley (SOX), Payment Card Industry (PCI), Business Continuity, and Risk Management programs at SSB. The role requires a general skill set within IT to include excellent analytical, oral, and writing skills, along with the ability to understand business requirements while ensuring systems and processes adhere to IT compliance requirements. General policy and process knowledge is a plus, as well as experience with technologies to identify risk and compliance issues to support risk mitigation, remediation, and compliance activities within the business and IT organization. Candidates must possess the desire to drive learn in in an environment undergoing transformation.
    • Assist with consultations and advisements to the business and project leads around compliance initiatives, information security, and IT risks
    • Analyze and support solutions to resolve process breakdowns and system parameters not meeting IT compliance standards
    • Maintain knowledge of current trends and attend appropriate training programs to remain current with skills
    • Drive a culture of continuous improvement, efficiency, pride, excitement and ownership
    • Develop and maintain credible and effective working relationships with both management and IT personnel in a way that demonstrates an understanding of business problems, IT strategies, issues, and priorities* Data Privacy
    • Assist in the fulfillment and tracking of data subject access requests in accordance with the California Consumer Privacy Act (CCPA)
    • Become familiar with the requirements of CCPA, PIPEDA, and other privacy standards as neededSOX Compliance
      • Review and perform segregation of duties (SOD) analysis on ERP access request to identify functional conflicts that may exist
      • Assist business areas with remediation of identified deficiencies
      • Execute periodic user access reviews with IT and business personnel on a timely basis, as needed
      • Assist with reviews of third-party reports on internal control for financially significant vendors in conjunction with business owners
      • Other duties and responsibilities as necessary for SOX compliancePCI Compliance
        • Assist with implementation of PCI compliance program including organization and documentation of scope
        • Assist in tracking open remediation items to resolution
        • Other duties and responsibilities as necessary for PCI complianceRisk Management
          • Assist with negotiations and review of third-party contracts for information security, compliance, and data protection measures
          • Provide/help implement recommendations for various systems and processes
          • Other duties and responsibilities as necessary Metrics
            • Timely completion of CCPA requests, SOX SOD reviews, and Third Party Risk Assessments
            • Create presentations as needed
            • Performance of other duties and responsibilities as assignedKEY COMPETENCIES
              • Strong interest in due diligence, risk management and compliance
              • Excellent problem-solving skills with demonstrable ability to operate with little oversight
              • Ability to prioritize and balance competing demands
              • Consistent positive presence and integrity
              • Self-starter with the curiosity and the desire to independently research in order to learn and grow
              • Provide quality customer service to internal departments and third-party partners/providers
              • Ability to collaborate and form strong relationships
              • Detail oriented with high standards for producing quality deliverables
              • Living SSB core values
                Minimum Qualifications
                • Bachelor's degree OR 2-4 years in at least one discipline such as information technology, security, IT general controls, IT compliance, IT audit and/or security risk management
                • Awareness of security and risk frameworks, standards, and best practices (e.g. PCI, ISO, ITGC, COBIT, COSO, CMM, etc.)
                • Ability to effectively work with cross-functional teams and resources to address competing priorities
                • Experience with project management concepts, internal project requirements or guidance
                • An understanding and desire to learn regulatory and legal requirements (e.g., CCPA, PCI, PII, SOX, HIPAA, etc.)
                • Excellent communication (verbal and written), documentation, presentation, and facilitation skills
                • Reasonable project management, analytical, and time management skills with a superb attention to detail
                • Bachelor's degree in Information Systems, or equivalent experience
                • Work is sedentary in nature.
                • Utilization of video display terminal and keyboard is 95% of the time.
                • Work may involve travel.
                • Effective communication, interpersonal, organizational and planning skills.
                • Ability to work autonomously and manage multiple issues and projects.
                • Ability to work in a team environment, meet deadlines and adapt to changing priorities
                • Ability to interpret and support standards, policies and procedures established by the Company, Serta Simmons Bedding, and Federal, State or local agencies.
                • Must be willing to travel as needed
                  Preferred Qualifications
                  • Third-party risk assessment experience, 1-4 years or commensurate education
                  • Certifications such as CISA (strongly preferred), CISSP, CRISC, CIPP
                  • Experience with ServiceNow and OHM
                    This job description is not intended to be an exhaustive list of all duties or responsibilities associated with the job. Other job-related duties may be assigned.

                    • Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled

Keywords: Serta Simmons Bedding, LLC, Cleveland , IT Privacy, Risk & Compliance (PRC) Analyst - remote, Professions , Cleveland, Ohio

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Ohio jobs by following @recnetOH on Twitter!

Cleveland RSS job feeds