
[The logo is protected from the company]
Cliffs Natural Resources Inc.
Cliffs Natural Resources Inc. (NYSE: CLF) (Paris: CLF) is an international mining and natural resources company. * The largest producer of iron ore pellets in North America. * A major supplier of direct-shipping lump and fines iron ore out of Australia. * A significant producer of high and low volatile metallurgical coal. Driven by the core values of social, environmental and capital stewardship, Cliffs associates across the globe endeavor to provide all stakeholders operating and fi... Read More
Address | 200 Public Sq # 3300, Cleveland, OH |
Website | www.cliffsnaturalresources.com |
Holding | No Holding Details |
View Company Page
IT Risk & Compliance Sr Analyst
Description
The Risk and Compliance Analyst acts as the liaison for all information technology related internal and external audits, risk assessments, SOX audits, including the development and reporting of metrics on IT controls compliance and audit remediation activities. This role will interface with all levels of technical and mine site resources as well as senior management.
This role leads small to large initiatives to enhance the risk and compliance posture of the organization which is composed of over 1000 network devices supporting 5,000+ end users. This role will provide support to projects and work with project teams across many different technical disciplines and geographic locations.
This role creates and interprets information security policies and assists with their implementation and enforcement. In addition, promotes information security awareness and monitors compliance with information security policy.
This role is the SME for Risk, Audit and Compliance and requires the individual to develop peers’ and junior staff members’ knowledge base. Specifically, this role will:
• Coordinates and tracks internal and external audit findings and activities related to information technology and information security. Coordinates and tracks information technology risks and regularly updates necessary knowledge repositories with the information obtained from issue owners. Creates and published reports and metrics around audit and risk issues
• Coordinates integrations with the Enterprise Risk Management group and performs information technology and information security risk related processes and activities. Coordinates and facilitates the ongoing information security risk management program and the underlying assessments that are required inputs to this assessment process
• Conducts periodic access audits, facilitates annual access reviews and acts as an escalation point for process problems
• Conduct periodic awareness briefing and presentation sessions and answer information security questions (new hires, managers, lunch & learns, etc…). Author and publish information security tips and messages to internal and external subscribers
• Manages the development, delivery and communications surrounding information security policy, classifications, standards, procedures, waivers and best practices to ensure information security across the company
• Makes recommendations and assists in implementing changes that align with information security policy and procedures to strengthen and improve the company security measures
• Maintain workable knowledge and understanding of information security, risk management and regulatory compliance topics. Understands laws, regulations, industry standards and ethical requirements related to information security. Knowledge of best practice security frameworks, commonly used risk assessment methodologies, industry recognized information technology audit and control standards and other industry resources
• Recognize and identify areas where existing policies or procedures require changes. Update the information security policy based on these needs or when there are changes in the legal or regulatory environment
• Conduct assessments of the businesses’ compliance to information security policy in the areas of manual or automated processes, procedures and access control
• Identify and implements processes and methods for auditing and addressing non-compliance with information technology controls and governance frameworks including COBIT, COSO, ITIL, and ISO 27001, 27002.
• Provide information security requirements for new and existing contracts. Work with corporate sourcing and Legal to perform contract reviews for information security risks. Conduct 3rd party and ASP controls reviews
• Acquires and maintains knowledge of current Cliffs Natural Resources standards, policies, procedures and audit requirements. Communicates with intra and inter-department team members as required, as well as members of Cliffs Natural Resources’ technical and project management teams
• Provides technical advice, guidance and assistance for e-discovery requests and investigations related to information security events. Assists with the documentation of such events
• Maintain workable knowledge and understanding of information security, risk management and regulatory compliance topics. Maintains professional/technical currency of information security knowledge
• Perform additional duties as directed by the Director of Information Security and GRC
• Provide support for other team members as required
Education:
• Bachelor’s Degree in a Related Field is required from an accredited 4 year College
• Certified Information Systems Specialist (CISA) and/or Certified Information Systems Security Professional (CISSP) designations preferred
Experience:
• Knowledge of International, US federal and state regulations that related to information security, privacy and information sharing
• Demonstrated experience working on projects, training, designing process solutions, and directly interacting with customers
• Ability to respond to emergency service calls at any time outside of normally assigned work hours
• Knowledge and understanding of current information security techniques and technologies as well as the methods used in performing risk analyses and assessments. Experience with conducting comprehensive threat and risk assessments of IT systems, applications, and networks
• Willingness to travel up to 10%, including international travel, and be flexible to work various hours to accommodate international business needs
* 10+ years experience in IT and / or audit
Other Job Information
Vacancy type: |
Full Time | Contact Mode: |
not provided |
Fax: |
216-694-4880 | Contact Name: |
not provided |
Job Duration: |
not provided | Phone: |
216-694-5700 |
Email: |
jessica.moran@cliffsnr.com |
TalentOne Job Information
Information Technology IT Auditor
Open Jobs - Cliffs Natural Resources Inc.
- Administrative Assistant
- Administrative Assistant North American Exploratio
- Business Improvement Manager
- Chemical\Metallurgical Engineer May 2013
- Chemical\Metallurgical Engineering Internship Summ
- Civil Engineer May 2013
- Civil Engineering Internship Summer 2013
- Electrical Engineer May 2013
- Electrical Engineering Internship Summer 2013
- Electrical Supervisor
- Electrical\Instrumental Maintenance Technician
- FerroChrome Production Facility
- Geological Engineering Internship Summer 2013
- HR Business Partner
- Industrial Electrician
- IT Audit Manager
- IT Risk & Compliance Sr Analyst
- IT Vulnerability Management Sr Analyst
- IT Vulnerability Management Sr Analyst
- Maintenance Technician
- Manager Ferroalloys Finance
- Manager Inventory Control
- Mechanical Engineer May 2013
- Mechanical Engineering Internship Summer 2013
- Metallurgical Engineer
- Mine Maintenance Technician
- Mine Operations Supervisor
- Mine Operations Technician
- Mine Site & Processing Facility
- Mine Surveyor\Technician
- Mining Engineer
- Mining Engineer May 2013
- Mining Engineering Internship Summer 2013
- Mobile Equipment Maintenance Supervisor
- Mobile Equipment Maintenance Supervisor
- Operations Training Coordinator
- Plant Operations and Maintenance Technician
- Plant Operations Technician
- Process Engineer
- Project Geologist
- Project Manager Mine Expansion
- Reliability Engineer
- Reliability Engineer Electrical
- Section Manager Mine Engineering
- Section manager Railway operations
- Senior Mine Geologist
- Senior Supervisor Payroll
- Senior Tax Analyst
- Staff Accountant
- Weldor
News - Cliffs Natural Resources Inc.
Related Jobs

Business Strategist / PMO- (IT Services Organisati
Develop a Transformation Roadmap - Develop detailed bus ... [more]

Sr Legal & CS Opening - Noida || CMMI Level 5, Sof
Job Description Send me Jobs like this Location: Noid ... [more]