Senior IT Security Compliance Analyst
Badger Meter

Job Info

---

Why Badger Meter?
Are you looking to join a dynamic team where you have the autonomy and challenge that lets you learn and grow your career? Are you energized when you know that your contributions matter and make a difference in business success? If yes, then Badger Meter may be a great place for you!
For more than 115 years, Badger Meter has provided strong, stable financial growth, in turn providing employees with the opportunity to build long, successful careers. As a leading manufacturer of flow measurement technology, Badger Meter offers many opportunities to measure what matters in protecting the world's water and other precious resources. Our company is large enough to continually drive market innovation, all while we maintain a collaborative and flexible working atmosphere.
What You Will Contribute:

The Senior IT Security Compliance Analyst is responsible for Global IT systems and assists with a variety of information security compliance related tasks, in support of the ISO 27001 and SOC 2 Information Security Management Systems (ISMS) at Badger Meter.

The Senior IT Compliance Analyst will liaise with Badger Meter Managed Security Service Providers (MSSP) to support IT security control audits/assessments and help management assure operational effectiveness of its IT security controls. The analyst will support annual ISO 27001 audits and risk assessments for IT Compliance (e.g., PCI, SOX, ISO 27001:2013, and SOC 2).

New implementations as well as operational maintenance of existing business-critical applications will be examined. The analyst will collaborate with other functional areas within Information Systems and will monitor, assess and update the environment to safeguard resources and information assets across Badger Meter. The role extends to any part of the business that has risk associated with information assets.

Responsibilities may include any and/or all of the following:

• Security moves, adds and changes for network and business systems; ensuring that proper approval procedures are adhered to and all required documentation had been completed.
• Administer and audit user security for network file systems, again ensuring that data owner approval is granted and documented. Performs quarterly entitlement reviews of access rights.
• Audit software licensing, assist with the renewal of licensing, and support agreements to ensure compliance monitoring of enterprise-wide licensing.
• Administer vulnerability management system and coordinate with asset owners toward continual risk reduction.
• Manage, document and track security incidents, ensuring complete resolution.
• Develop, implement, and maintain Compliance controls; reviews existing compliance controls for regulatory updates and perform the necessary gap analysis; create and maintain various internal and external audit and compliance schedules for Information Technology and compliance covered environments to ensure ongoing evaluation and validation of ITS control effectiveness.
• Reviews, document, evaluate, and test manual and automated computer controls; develop and implement testing methodologies as required; design and execute compliance testing.
• Conducts risk assessments on business and operational processes, procedures, and policies; interpret audit results and make conclusions on the adequacy and reliability of controls; prepare and present results as necessary.
• Ensure security across the Badger Meter supply chain.
• Prioritize and control projects based on severity of risk and non-compliance; communicates control strengths and weaknesses to internal audit and compliance and collaborates with internal resources to develop migration plans.
• Audit systems backup reports to ensure compliance to policies.
• Audit the enforcement of security to controlled access to corporate security zones as required.
• Reviews the internal security audits and risk assessments performed by Badger Meter's internal auditors.
• Coordinates third-party audits in consultation with IT, IA, business process owners and vendor management.
• Conducts audit preparation training for internal personnel prior to third party audits.
• Reviewing third-party attention and audit reports, and providing feedback to business leaders and risk owners.
• Collaborates with the MSSP and external auditors.
• Monitors Information Security assessment best practices in the industry to determine opportunities for improvement, including tools and processes.
• Assists business and support functions in evaluating tools and technology that support Badger Meter IT risk management approach.
• Perform other related duties as assigned.

Qualifications:

• Bachelor Degree in Business, Accounting, Information Technology, or other quantitative discipline.
• 5+ Years of broad privacy and data protection, compliance or legal experience.
• 4+ years of audit/assessment experience
• Sound understanding of security principles including logical access controls, change control, least privilege, segregation of duties, computer operations, network security, Vulnerability management, and secure coding.
• Broad technical understanding of data management platforms and associated data security controls.
• Experience with data classification, data protection, and data retention standards and practices.
• Experience with project management best practices and collaborating with PMO.
• Experience with common information security management frameworks, such as International Organization for Standardization (ISO) 2700x, COBIT, and National Institute of Standards and Technology (NIST) frameworks.
• Experience with data protection regulations and standards (e.g., ISO, PCI, APEC, etc.).
• Strong analytical and time management skills
• Ability to maintain a high degree of confidentiality

Preferred Qualifications:

• Certified Information Security Auditor (CISA)
• PMI Project Management Professional (PMP)
• Certified Information Privacy Professional (CIPP) or Certified Information Privacy Manager (CIPM)
• Industry Standard Security certifications including: SANS/GIAC GSNA, ISACA CISM, ISC2 CISSP, and ISC2 CSSLP.

Equal opportunity employer. This company considers candidates regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
Applicants can learn more about their rights regarding equal opportunity in employment by viewing the federal "EEO is the Law" poster and the "EEO is the Law" poster supplement at http://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm

This job has expired.