IT Compliance Analyst Full Time

This position is responsible for monitoring, managing and closing existing compliance issues while also ensuring that internal systems are compliant with security standards, both internal and global like: IATF 16949, NIS2, ISO 27001 or NIST. In carrying out these functions, the analysts responsibilities include the identification, evaluation and interpretation of regulatory, statutory and member security requirements, control deficiencies and information security risks. The position may be based in India and reports directly to the Senior IT Compliance Manager of the company.

Essential Duties And Responsibilities

• Design, coordinate and execute audit process e.g., NIS2 or ISO27001, monitoring and procedures to assess and measure company information security risks and compliance with its security policies and procedures.
• Monitor advancements in information privacy laws and global frameworks e.g., TISAX, ISO, NIST or COBIT to ensure organizational adaptation and compliance.
• Develop, recommend, and establish controls and processes as necessary to protect Tenneco information assets against unauthorized or accidental modification, destruction, or disclosure.
• Creating and coordinating proper reporting channels for compliance issues.
• Developing compliance communications with Tennecos Business Units. Coordinating required compliance training for employees.
• Provide consulting and technical support services to owners, custodians, and users in defining and deploying cost-effective security controls and protections.
• Document, maintain, and obtain ongoing support for all aspects of the ISMS program.
• Monitor the effectiveness of strategies, activities, measures, and controls designed to protect the Tenneco information assets.
• Serve as Tenneco internal and external point of contact for information security matters regarding information security topics.
• Participate in the Information Security policies lifecycle process, necessary to ensure the security of information and information resources against unauthorized or accidental modification, destruction, or disclosure.

Minimum Requirements:

Education:

• A bachelor’s degree in computer science, information technology, computer engineering,or a related field.
• CISSP, CISM or ITIL, ISO27001 Internal/Lead Auditor certifications are preferred
• Experience in implementing and managing information security programs or projects, including KRI creation and maintenance