SBA Communications
SBA Communications is a leading independent owner and operator of wireless communications infrastructure, including towers, buildings, rooftops, DAS and small cells. We offer a competitive benefits and compensation package and are looking for team members who will thrive in our dynamic environment.
We welcome your interest in SBA. Let us know a little about you by checking all that apply:
You are a self-starter.
You are resourceful and thrive in a fast-paced environment.
You have a strong work ethic.
You are passionate and driven to achieve results.
You are a team player who enjoys working in a collaborative environment.
You continuously challenge yourself to find innovative ways to improve.
We operate with the highest sense of integrity and commitment to quality. We focus on achievement and operate with responsiveness, timeliness and accountability. Our culture of excellence incorporates working collegially, where every team member can contribute meaningfully and make a difference.
If you are ready to make an impact, join our team!
Essential Duties & Responsibilities
Coordinate IT compliance meetings, walkthroughs, code reviews, remediation, evidence requests and collection in partnership with Internal Audit to facilitate compliance with Sarbanes-Oxley (IT-SOX), including IT General Controls (ITGC), Quarterly Access Reviews (QAR), User Acceptance Testing (UAT), Systems and Organization Control (SOC 1 – SOC 2), and IT Process Narratives. Collect and conduct technology and ITGC control reviews, in partnership with SBA business units and report on the results to SBA stakeholders. Maintain and distribute departmental IT security and compliance documentation, including policies, procedures, and process documentation, metrics, attestation reports, and others. Administer risk related technologies and communicate risks and control designs to SBA stakeholders for all in-scope IT-SOX and technology general controls. Provide information security & compliance metrics to company stakeholders to showcase program return on investment (ROI). Participate in mandated company compliance initiatives. Manage ITSC SharePoint folders content for accuracy and relevance. Interact with IT and enterprise teams to minimize risk to the environment. Participate in annual review and incident response and recovery activities. Ensure complete issue tracking, provide feedback, and report results as accomplished. Familiarity with GRC concepts and the NIST Cybersecurity and Privacy Frameworks. Build understanding and awareness of security issues throughout the organization, must have excellent communication and presentation skills. Must be a good team player. Review security configurations and updates to ensure software and infrastructure are protected. Ensure compliance with all applicable measurements and production reporting and policies. Work with other teams to manage the proper transition of security projects into production. Ensure the complete and proactive protection of all corporate data and systems. Participate in the acceptance and delivery of all projects and tasks related to security operations. Other projects and duties as assigned. Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Bachelor’s degree in MIS, Information Security, Business, or equivalent or pursuing completion of 3 years’ experience providing IT audit, cyber audits, security governance, risk, and compliance services in support of a medium-to-large multi-location organization. 3 years IT auditing experience preferred; “Big 4” background is preferred. Demonstrated knowledge working with Internal and External Audit and other IT and Business stakeholders. Preferred experience with audit-related technologies (i.e., Audit Board), information security technologies, including Security Awareness, GRC, Data Classification, SIEM, Cyber Threat Intelligence, is preferred.
#J-18808-Ljbffr
Coordinate IT compliance meetings, walkthroughs, code reviews, remediation, evidence requests and collection in partnership with Internal Audit to facilitate compliance with Sarbanes-Oxley (IT-SOX), including IT General Controls (ITGC), Quarterly Access Reviews (QAR), User Acceptance Testing (UAT), Systems and Organization Control (SOC 1 – SOC 2), and IT Process Narratives. Collect and conduct technology and ITGC control reviews, in partnership with SBA business units and report on the results to SBA stakeholders. Maintain and distribute departmental IT security and compliance documentation, including policies, procedures, and process documentation, metrics, attestation reports, and others. Administer risk related technologies and communicate risks and control designs to SBA stakeholders for all in-scope IT-SOX and technology general controls. Provide information security & compliance metrics to company stakeholders to showcase program return on investment (ROI). Participate in mandated company compliance initiatives. Manage ITSC SharePoint folders content for accuracy and relevance. Interact with IT and enterprise teams to minimize risk to the environment. Participate in annual review and incident response and recovery activities. Ensure complete issue tracking, provide feedback, and report results as accomplished. Familiarity with GRC concepts and the NIST Cybersecurity and Privacy Frameworks. Build understanding and awareness of security issues throughout the organization, must have excellent communication and presentation skills. Must be a good team player. Review security configurations and updates to ensure software and infrastructure are protected. Ensure compliance with all applicable measurements and production reporting and policies. Work with other teams to manage the proper transition of security projects into production. Ensure the complete and proactive protection of all corporate data and systems. Participate in the acceptance and delivery of all projects and tasks related to security operations. Other projects and duties as assigned. Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Bachelor’s degree in MIS, Information Security, Business, or equivalent or pursuing completion of 3 years’ experience providing IT audit, cyber audits, security governance, risk, and compliance services in support of a medium-to-large multi-location organization. 3 years IT auditing experience preferred; “Big 4” background is preferred. Demonstrated knowledge working with Internal and External Audit and other IT and Business stakeholders. Preferred experience with audit-related technologies (i.e., Audit Board), information security technologies, including Security Awareness, GRC, Data Classification, SIEM, Cyber Threat Intelligence, is preferred.
#J-18808-Ljbffr