Senior Cybersecurity & Compliance Analyst
St. Petersburg, Florida
At HSN you will enjoy a team-focused environment that thrives on innovation and encourages you to be part of a leading interactive entertainment and lifestyle retailer. Our dynamic IT teams bring people, process and technology together. They also work to ensure we create a stable operating environment and increase business productivity.
Check out the top traits we're looking for and see if you have the right mix.
- Technologically Savvy
We come together every day to challenge each other and bring the best ideas to life.
HSN is dedicated to empowering women and helping families in times of need. We are motivated and inspired by our passionate customers and team members. Together, we can make a difference.
Paid Time Off
At Qurate Retail, Inc. (NASDAQ: QRTEA) we believe in a Third Way to Shop℠ – beyond transactional e-commerce or traditional brick-and-mortar stores – for customers who crave engaging shopping experiences.
We're a select group of like-minded businesses that provide customers with curated collections of unique products, made personal and relevant by the power of storytelling. We combine the best of retail, media and social to curate experiences, conversations, and communities for millions of highly discerning shoppers. We bring joy, inspiration, and humanity to shopping. We also curate large audiences, across our many platforms, for our thousands of brand vendors.
Job Description Details
This role is responsible for planning and conducting IT General Control (ITGC) operational effectiveness assessments, Cybersecurity Policy reviews, and assessments against Sarbanes-Oxley (SOX) and other compliance frameworks.
Audits information systems, platforms, and operating procedures in accordance with established corporate standards for efficiency, accuracy and security. Evaluates IT infrastructure in terms of risk to the organization and establishes controls to mitigate loss. Determines and recommends improvements in current risk management controls and implementation of system changes or upgrades.
- Reviewing and updating the IT audit universe that includes all types of compliance obligations, contractual requirements, and existing and potential risks.
- Planning and reviewing the annual review of compliance requirements influencing operations and initiatives in information security, privacy, IT risk management, business continuity and disaster recovery, and related third parties.
- Developing and revising procedures for the inclusion of changing risks into the plan.
- Planning and reviewing annually the risks influencing the effectiveness of information security, privacy, and information security risk management.
- Studying risk assessments conducted by the business owners and support functions to incorporate relevant tests in assessment plans.
- Reviewing the IT audit risk assessments conducted by the QVC internal audit team members.
- Planning third-party audits in consultation with vendor management teams and business process owners.
- Reviewing third-party attestation and audit reports, and providing feedback to business leaders and risk owners.
- Reviewing raw data and work papers collated by the QVC internal audit team.
- Monitoring Information Security assessment best practices in the industry to determine opportunities for improvement, including tools and processes.
- Responsible for the coordination and completion of all government, regulatory, and compliance documents for all business units in an organization.
Education, Training and Certification
3-5 years performing IT Audits and Assessments.
- Graduate or Postgraduate degree in computer science or information technology, and study conducted in information security controls.
- Industry certifications such as Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP).
- Key business processes in Retail and E-Commerce.
- Regulatory and industry compliance standards, frameworks, and guidance including PCI and SOX.
- ISACA ITAF™: A Professional Practices Framework for IS Audit/Assurance, DSS, SOX, Data Protection Directive.
Soft Skills and Personal Attributes
- Experience in writing and presenting technical reports in business language to different audiences, including different levels of IT and the business.
- Ability to establish credibility and working relationships with a wide range of corporate personnel, including Audit, IT operations, IT management, executive and legal staff, as well as with external personnel, including external auditors and regulators.
- Ability to maintain open communication channels with leadership, management, and peers.
- Proven leadership ability.
- Ability to set and manage priorities.
- Exceptionally self-motivated, directed and detail-oriented.
- Superior analytical, evaluative and problem-solving abilities.
- Ability to motivate in a team-oriented, collaborative environment.
- Proven experience in project management and morale building.
- Ability to retain and improve team enthusiasm for better supporting the business's assurance requirements.
Business Knowledge and Technical Experience
- Demonstrated use of data analysis software, audit management software and continuous audit solutions.
- Demonstrated understanding of data processing, hardware platforms, and enterprise software applications and outsourced systems. See Table 1 for a sample listing of qualifications and expertise level.
- General knowledge of business theory, business processes, management, budgeting and business office operations.
- Demonstrated expertise in project management.
- Ability to translate the company's vision, values, mission and objectives into drivers for designing the information security assessment/audit agenda.
- Proven experience in writing audit reports for different audiences.
- Proven experience of working in technology environments, including audit.
- Experience in risk-based audits.
About HSN, Inc.
HSN, Inc., is a leading interactive entertainment and lifestyle retailer, offering a curated assortment of exclusive products and top brand names to its customers. HSN incorporates entertainment, inspiration, personalities and industry experts to provide an entirely unique shopping experience. At HSN, customers find exceptional selections in Health & Beauty, Jewelry, Home/Lifestyle, Fashion/Accessories, and Electronics. HSN broadcasts reach approximately 90 million households (with live programming 364 days per year) and its website, HSN.com, features more than 50,000 product videos. Mobile applications include HSN apps for iPad, iPhone and Android. Visit corporate.hsn.com to learn more. HSN, Inc., founded 40 years ago as the first shopping network, is a wholly owned subsidiary of Qurate Retail, Inc. (NASDAQ: QRTEA, QRTEB), which includes QVC, HSN, zulily and the Cornerstone brands (collectively, “Qurate Retail Group”), as well as other minority investments. Qurate Retail Group believes in a third way to shop -- beyond transactional ecommerce or traditional brick-and-mortar stores -- and is #1 in video commerce, #3 in ecommerce in North America and #3 in mobile commerce in the U.S. (according to Internet Retailer).
As an equal opportunity employer, Qurate Retail Group is committed to a diverse workforce and is also committed to a barrier-free employment process. In order to ensure reasonable accommodations for individuals pursuant to applicable law, individuals that require accommodation in the job application process for a posted position may contact us at CareersUS@QVC.com for assistance.
Click Apply and log in with your existing account or create an account. This will allow you to check the status of your application at any time and receive the most up to date communications from our Talent Acquisition team.