Security Compliance Auditor with DXC Technology in DNK-Valby, Denmark (salary not disclosed)

April 28, 2021

The Security Compliance Auditor will plan, coordinate, facilitate, and provide guidance to DXC account and delivery teams for System and Organization Controls (SOC) audits, development and execution of the internal audit plan with respect to appropriate regulatory and assurance compliance audit coverage, and interface / assist external audit teams as needed, and act as a liaison between the DXC account and delivery teams and the auditing firm ensuring effective planning, creation of and adherence to timelines and effective communication and interpretation of SOC audit issues. Candidates should have a strong background in developing processes and procedures and the methodologies to ensure compliance.

Experience with GRC tools (such as Archer) or knowledge of Unified Compliance Framework (UCF) a plus
Experience with Fed RAMP, FISMA, and NIST 800-53 a plus

The selected candidate will
Become familiar with all requirements of the underlying SOC audit compliance requirements
Understand in-country regulatory requirements with regards to sharing data external to DXC
Develop a compliance verification strategy in collaboration with DXC account and delivery teams
Effectively communicate production and development requirements as needed to help delivery and account teams meet compliance requirements (e.g. ISO, SSAE16, PCI, HIPAA).
Analyze any proposed service and communicate the risk and impact to the account and delivery organizations as needed or directed
Serve as the primary point of contact for infrastructure questions related to the SOC audit
Serve as the primary subject matter expert for all inquiries regarding SOC audit requirements.
Create all mandated compliance documentation responsibilities

Create and update audit plans, manage control procedures
Plan and execute internal information security assessments and audit engagements
Improve customer audit experience by providing timely and accurate information
Provide customized periodic audit reports for regulatory requirements
Verify compliance with security policies
Assist in defining and verifying server hardening standards

Investigate and champion automated auditing tools
Perform internal risk analysis and create remediation plans to ensure compliance
Manage audit activities and understand audit requirements
Previous auditor experience with an auditing firm is a strong plus experience with emphasis in information security and regulatory or other compliance management

Excellent understanding of project management principles
Knowledge of financial and related regulatory requirements, including SOC compliance experience with risk management techniques
Knowledge of regulatory and assurance compliance requirements including ISO 27001, SSAE16 (SOC 1 & 2), HIPAA / HITECH, PCI, and Data Privacy
Excellent communication skills; written and verbal
Fluency in Danish language
Team player

4-6 years equivalent experience in security, compliance, and data privacy
Bachelors, undergraduate or equivalent diploma, or combination of education and relevant experience
Skilled in planning, problem solving, analysis, collaboration, and communication
Proficient with Microsoft Office suite (Word, Excel, PowerPoint) & Share Point
Professional certification such as CISSP, CISA, GISP is a plus

To apply, go to: