| Job Requisition #: | Corp 12034 |
| Date Posted: | 05/31/2012 |
| Category: | Information Technology \ Compliance |
| Location: | St. Paul - MN - USA |
About Us

Our teams produce game-changing ideas and life-changing results. A career at St. Jude Medical puts you on the leading edge of medical technology, working for a company driven by its entrepreneurial culture and its passion for quality. Isn't this the kind of change you would like in your life? We are an Equal Opportunity/Affirmative Action Employer. We currently have this position open at our Corporate Headquarters in St. Paul.

Job Overview

The IT Compliance Associate position will contribute to, assist, and support the Information Technology (IT) security and compliance program for St. Jude Medical enterprise applications and systems. The Associate will need an understanding of U.S. and international legal and industry compliance requirements and will perform risk assessments, maintain an inventory of IT system requirements as well as an inventory of IT systems that house critical data, work with process/application owners to implement compliance controls, monitor the effectiveness of the controls, and track issues and remediation plans.

Job Duties:
• Responsible for the day-to-day activities associated with implementing, maintaining, and monitoring the EIT Compliance Program. Perform these duties with management oversight
• Assist in the coordination of regulatory examinations, including internal and external audits within IT
• Perform security risk and gap assessments for new and existing systems and infrastructure
• Participate in the development and, where applicable, implementation of remediation plans that address issues/gaps identified as part of risk assessments and internal and/or external audits
• Communicate overall results of reviews, including control issues noted and remediation plans, to the EIT management teams. Responsible for tracking of remediation efforts and escalation of gaps not properly addressed
• Work with Corporate Privacy Office and Division Legal teams to understand regulatory requirements applicable to the St. Jude Medical IT environment
• With guidance, review and translate applicable laws and regulations into actionable IT requirements. Utilize common IT compliance and control frameworks (e.g., CoBIT, ITIL, ISO 27001, ISO 27002) to ensure a consistent, effective and efficient approach to IT compliance. Maintain a common risk-based set of IT security and compliance control requirements that can be implemented for “in-scope” IT systems and processes
• Partner with other EIT and Division IT groups to implement enterprise awareness of IT compliance requirements. Facilitate enterprise-wide education programs to enhance overall understanding of internal controls and increase awareness of information security, associated risks, and internal controls
• Assist in the deployment of IT Security and Compliance policies and procedures for global IT applications and systems
• Partner with Internal Audit and other Corporate and Division compliance functions to leverage process and technologies utilized to support other SJM activities
• Support successful self-assessment and monitoring processes to support early indication of compliance issues
• Report (orally and in writing) on the results of all work performed and prepare written reports for Supervisor
• Perform other tasks and projects related to security and/or compliance. Assist in the execution of special assignments and projects as directed

Qualifications:
• Bachelor’s degree in Accounting, Information Systems, Computer Science or Business
• 1+ years information technology audit experience with a public accounting firm or 2+ years information security analyst experience
• 1+ years project management experience including the ability to organize, plan, prioritize and complete assignments with moderate supervision
• Desired certifications: CISA, CIPP/IT, CIPP, ITIL, ISO 27K, CISM, CISSP, etc.
• Must be adept at handling multiple assignments in a timely manner and meeting assigned deadlines
• Experience applying relevant technical knowledge in at least one of the following areas:
  o Internal or operational IT audits
  o SOC 2/SAS 70 engagements
  o Experience with Information Security technologies, tools, and best practices
  o Working with external vendors for penetration testing, audits, and other regulatory related requests
  o Participated in defining overall governance strategies and plans
• Excellent oral, written and presentation skills with ability to interact with all levels of management
• Strong analytical skills
• Ability to use discretion and handle sensitive/confidential information
• Demonstrated ability to understand and comply with applicable regulations and Company operating policies and procedures
• Ability to learn and apply international regulations regarding data privacy and security preferred