Information Technology Compliance Architect

Company: Canon U.S.A., Inc.
Location: Melville
Posted on: November 26, 2022

Job Description:

US-NY-Melville Canon U.S.A., Inc.Requisition ID: 28623Category: Information TechnologyPosition Type: Full-TimeOverviewDo you have what it takes to be a SME in SOX IT general controls, PII and PCI Audit? Are you ready to apply your unique skills to be successful in the role of Senior IT Auditor, PCI Compliance? This role will offer you the opportunity to showcase your technical skills and make a direct impact on Canon's processes.The Information Technology Compliance Architect (Architect, IT Audit) will be responsible for planning, overseeing consultant-based workers, and executing IT Payment Card Industry (PCI) and IT Risk engagements as well as support the demand, creation and compliance audit development efforts for SOC, SOX, etc. engagements.This position is full time and offers a hybrid work schedule requiring you to be in the office Monday and Wednesday and an option to work from home the remainder of the week (unless a specific business need arises requiring in office attendance on other days). Note that work schedules and office reporting requirements may change from time to time based on business needs. Responsibilities- Oversee activities of PCI project consultants in the IT Audit group to ensure adherence to established PCI compliance and PII processes- Work with Sr. Manager and Sr Director of IT Audit to establish and maintain PCI program management office- Establish all required PCI-DSS 3.2.1 and higher Standards to ensure compliance with Self-Assessment questionnaire Level D and Lower- Work with all IT functional groups to ensure all PCI compliance testing requirements, are timely performed and identified issues are remediated in a timely manner as required by the PCI DSS standards. Testing includes Internal and External PCI Scans, Internal and External Penetration testing and PCI Segment testing- Establish and maintain business relationships with external QSA firms as needed to provide CANON USA IT the proper guidance on PCI-DSS compliance requirements- Ensure the annual completion for all SAQ- (D, C, C-VT) execution- Prepare the PCI DSS audit plans and understand the specific issues to be evaluated- Develops final PCI DSS written reports to communicate audit results to management and regulatory compliance agencies if applicable and make recommendations as appropriate- Oversee and facilitate the activities for the annual SOX and SOC auditing processes including:- Work with processes owners for the collection of audit request/evidence throughout the audit cycle- Participate in departmental / process walkthroughs, update the corresponding narratives, workflows, and controls- The performance of IT biannual annual and annual controls and report status- The preparation of documentation, testing and evaluation of the company's IT general controls over financial reporting across multiple environments- Design and execute risk-focused Audit Plans in Infrastructure and Applications Development and Maintenance, leveraging resources and expertise across teams- Identify and recommend mitigating technology process controls to reduce risks noted in system evaluations- Actively involved in developing the department's vision and strategy- Have a strong understanding of best practices in the internal audit profession, and drive sustainable results through good QA processes- Foster innovation and challenge the status quo- Foster an environment of regulatory awareness and ensure regulatory compliance, and champion internal control and corporate governance concepts throughout the business QualificationsPlease note: We comply with all applicable federal, state and local laws, regulations, orders and mandates, including those we may be required to follow as a federal government contractor/subcontractor.- Bachelor's degree in a relevant field or equivalent experience required, plus 7 years of related experience- Demonstrated experience with PCI-DSS certification and processes- Demonstrated experience with IT General Computer Controls- PCIP, ISA, CISA or CISM Certification is preferred- Ability to create an assessment and testing program that incorporates all aspects of PCI DSS requirements. scanning, assessing, and testing- Ability to develop programs that tie in vulnerability management for PCI with change management processes- Demonstrated experience using PCI based tools such as Nipper, Spider, Nexus, etc. to perform periodic scans of required network, servers, and other technology devices- Team-oriented, collaborative, diplomatic and flexible- Computer literate with proficiency in Microsoft Office application, experience with flowcharting is preferred- Light travel within the continental US requiredThe company will not pursue or support visa sponsorship for this position. Company OverviewAbout our Company - Canon U.S.A., Inc., is a leading provider of consumer, business-to-business, and industrial digital imaging solutions to the United States and to Latin America and the Caribbean markets. With approximately $30.4 billion in global revenue, its parent company, Canon Inc. (NYSE:CAJ), ranks third overall in U.S. patents granted in 2020--- and is one of Fortune Magazine's World's Most Admired Companies in 2020. Canon U.S.A. is dedicated to its Kyosei philosophy of social and environmental responsibility. To keep apprised of the latest news from Canon U.S.A., sign up for the Company's RSS news feed by visiting www.usa.canon.com/rss and follow us on Twitter @CanonUSA. ---Based on weekly patent counts issued by United States Patent and Trademark Office. All referenced product names, and other marks, are trademarks of their respective owners. Canon U.S.A., Inc. offers a competitive compensation package including medical, dental, vision, 401(k) Savings Plan, discretionary profit sharing, discretionary success sharing, educational assistance, recognition programs, vacation, and much more. A more comprehensive list of what we have to offer is available at https://www.usa.canon.com/about-us/life-at-canon/benefits-and-compensation We comply with all applicable federal, state and local laws, regulations, orders and mandates, including those we may be required to follow as a federal government contractor/subcontractor. We are an EEO/AA employer. Minority/Female/Individuals with Disabilities/Protected Veterans.If you are not reviewing this job posting on our Careers' site https://www.usa.canon.com/about-us/life-at-canon, we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at https://www.usa.canon.com/about-us/life-at-canon.#CUSA Posting Tags#PM19 #LI-AV1 #CUSA #LI-HYBRIDPI196359073

Keywords: Canon U.S.A., Inc., New Haven , Information Technology Compliance Architect, IT / Software / Systems , Melville, Connecticut