at Alight Solutions LLC in Portland, Maine, United States
As a leading provider of human capital solutions, we help our clients and their people navigate the complexity of health, wealth and HR. We combine data-driven, consumer-centered technology with personalized care and service to deliver a superior customer experience. Our dedicated colleagues across 28 global centers help 23 million people and their 11 million family members simplify work and life, both now and in the future. At Alight, we are reimagining how people and organizations thrive.
We're growing our team of technologists to drive innovation to support hundreds of millions of employee interactions per year. We build highly scalable enterprise solutions with leading technologies and are developing a strategic roadmap to continue driving future innovations for web, mobile, and third-party integrations.
Be part of a team that is taking our enterprise solutions to the cloud!
Note: this role is a virtual/work from home/remote opportunity
Job Description:
As a member of the Alight Global Governance, Risk & Compliance team, this position will assist in preparing for SOC 1 and SOC 2 (all five principles) external audits by documenting controls, interviewing control owners and validating control implementation and evidence.
Lead the design, documentation and assessment of SOC 1 and SOC 2 controls.
Identify control owners and stakeholders.
Develop testing procedures for assessing the design and operating effectiveness, completeness, accuracy/validity, and timeliness of control outputs.
Conduct risk assessments of IT systems and identify weaknesses and determine strategies to correct them.
Work with business leaders and other stakeholders to ensure baseline security standards are embedded in business operations and delivery.
Identify & escalate any new or emerging gaps in policy or control environment & provide expert advice on new requirements.
Assess criticality of control gaps for escalation.
Work to ensure 'pre-closure' of potential findings in future audits.
Provide metrics and data on findings to ensure prioritization for remediation and closure.
Develop and maintain findings library to support analysis, trending and 'pre-closure'.
Drive remediation and risk mitigation planning, execution and oversight (strategies).
Provide remediation and policy guidance to Alight stakeholders.
Request responses and provide guidance on findings remediation.
Support the ongoing monitoring & measurement of Alight's compliance with regulatory requirements (including FedRAMP, NIST 800-53, ISO 27001, SOC 1, SOC 2, etc.).
Interpret patterns of non-compliance to determine impact on levels of risk and work with the appropriate resources to drive higher levels of compliance.
Escalate potential changes in regulatory environment to Regulatory SME(s).
3+ years' experience with SOC 1 and SOC 2 (all five principles) controls with the ability to lead IT audit assessments and audit readiness activities for government customers.
Good understanding of government operations, processes, and business objectives, and the ability to use that knowledge to make recommendations for business and process improvements.
Bachelor's degree or international equivalent or equivalent work experience.
MS Office and project management skills.
Written and verbal English proficiency required.
Strong partnering, communication and presentation skills.
Strong analytical and problem-solving skills.
Experience coordinating activities between multiple parties.
Strong relationship and team building skills.
Knowledge of SOX, HIPAA, PII, and GDPR requirements preferred.
Knowledge of ServiceNow a plus.
Interest in developing knowledge in security and interactions with various internal and external client functions.
Security certifications (CISSP, CISA, CISM, ISO 27001) a plus.
Position may occasionally require hours to accommodate US, EMEA & APAC time zones.
With an unwavering belief that a company's success starts with its people, Alight Solutions is a leading cloud-based provider of integrated digital human capital and business solutions. Leveraging proprietary AI and data analytics, Alight optimizes business process as a service (BPaaS) to deliver superior outcomes for employees and employers across a comprehensive portfolio of services. Alight allows employees to enrich...
Alight Solutions provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, pregnancy, childbirth or related medical condition, veteran, marital, parental, citizenship, or domestic partner status, or any other status protected by applicable national, federal, state or local law. Alight Solutions is committed to a diverse workforce and is an