Iron Mountain Compliance Analyst, Data Center in Boyers, Pennsylvania
At Iron Mountain we protect what our customers value most, from the everyday to the extraordinary, while helping them bridge the physical and digital world. Our people have the opportunity to bring their creativity to a workplace that thrives on change. Here, you will be part of a team that doesn’t just embrace what’s exceptional. It creates exceptional.
The Compliance Analyst has a key role in supporting, developing, and maintaining the Iron Mountain Data Centers (IMDC) compliance program. This includes interpreting and applying information security / risk frameworks and audit standards, as well as working collaboratively with IMDC teams to successfully implement solutions for identified gaps and risks.
Support third party, and customer audits by performing audit readiness, gathering audit evidence, recognizing audit risks, and assisting in gap remediation
Performing administrative support of the overall Compliance program by updating risk register, reporting on control assessments, developing internal documentation, maintaining document repository, preparing gap analysis, updating policy documentation, scheduling working sessions/meetings, and responding to internal and external requests for information
Identify and evaluate information security and other operational risks, threats and opportunities for improvement discovered through incident management process and other channels
Perform gap analyses and assist with related integration planning, support, and process engineering/risk remediation
Collaborate with internal teams in order to ensure risk based controls are evaluated when new systems, processes, or procedures are being deployed
Learn, and maintain working knowledge of information security, risk, and compliance frameworks such as: ISO 27001, SSAE16/18 SOC 1/SOC 2, PCI-DSS, HIPAA, ISO 22301, NIST 800-53, ABS OSPAR, COBIT, ITIL and ISO 50001
Key Skills, Requirements and Competencies:
High-level of resourcefulness and initiative, positive outlook, and a self-starter with a go-getter attitude; enthusiastic on learning sometimes complex concepts in a fast paced, global environment
Ability and motivation to take ownership of projects and initiatives, hard-working, and determined to execute maximum customer satisfaction
2-4 years’ experience in a data center environment required, with a preferred proficient knowledge of physical security systems and processes, or IT/network operations procedures
Exceptional technical writing, listening, and communicative skills; ability to comprehend and retain large amounts of information, articulate sometimes abstract ideas and control objectives effectively
Excellent analytical skills, sound judgement, and ethical decision making capability
Motivated project manager that can adapt to work autonomously and have the ability to effectively share ideas and solutions with a diverse group of people and build strong working relationships
Effective time management and organizational skills with the ability to prioritize and balance competing priorities and meet difficult deadlines, while furthering knowledge of compliance frameworks and information security topics
Proficiency with common office tools (MSWord, Excel, PowerPoint, Visio, GSuite, etc.).
ITIL foundations training completion preferred within first 12 months of filling role, if not already obtained
5-10% domestic (US) travel required
Category: Information Technology Group
Iron Mountain is committed to a policy of equal employment opportunity. We recruit and hire applicants without regard to race, color, religion, sex (including pregnancy), national origin, disability, age, sexual orientation, veteran status, genetic information, gender identity, gender expression, or any other factor prohibited by law.
To view the Equal Employment Opportunity is the Law posters and the supplement, as well as the Pay Transparency Policy Statement, CLICK HERE