ICT Security, Compliance & Governance Advisor

NES Fircroft
September 22, 2022
Houston, TX

Job Description

Primary Responsibilities 

    Advise ICT Management on Compliance issues and activities
    Participate in planning and execution of all ICT compliance activities for related organizations under Service Agreements with Eni US Operating, Co., Inc. 
    Coordinate, refine and manage the annual ICT SOX Reporting Process
    Responsible for the monitoring of stated GCC controls, methods, and practices with the ICT Function.
    Support SOX and Finance management in SOX related regulatory examinations for Corporate ICT SOX Reporting
    Focal Point for internal and external Audit and Compliance associates, including ongoing monitoring of open issues and action plans and corresponding metrics
    Conduct ICT process documentation annual reviews and Process owner approval; maintain process documentation for compliance reporting

Skill Profile

    Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related discipline with 5+ years of experience preferred.  In lieu of a bachelor’s degree, candidates with 10+ years of experience will also be considered.  
    5+ years’ experience in IT Compliance, Cyber Security, and IT Governance. 
    Related information security, technical, and/or project certification preferred, but not required (e.g., CISSP, CISA, CIA, or other professional designation)
    Strong knowledge and understanding of information security practices and policies, including Information security frameworks, standards, and best practices
    Solid IT SOX Compliance and Information Technology experience, with IT Governance experience
    Expertise with at least two of the following regulations/frameworks: SOC 2, NIST CSF, ISO 27001 and/or GDPR
    Ability to think and act both strategically and tactically 
    Broad knowledge of the ICT function and how ICT enables the business through effective ICT governance
    Knowledge of ICT Process best practices, policies, and procedures 
    Applicable communication skills and ability to handle multiple tasks
    Experience writing, reviewing, and implementing IT policies and procedures
    Experience auditing IT operational controls or process improvements
    Ability to communicate with all levels within the organization

Communication Areas

    Strong interpersonal and communication skills to interact effectively with ICT team, process owners, management, and external & internal auditors 

Detailed Responsibilities

    Coordinate with ICT team members and management to facilitate testing of GCC and CELC controls
    Identify opportunities for operational and internal control process improvements. Work with process owners and management team to follow through on implementation of optimization initiatives
    Work with Eni US Operating SOX group for roll-up of ICT reporting
    Work with Eni S.p.A. Internal Control group for ICT compliance reporting
    Work with Eni S.p.A. CYSE group on Cybersecurity standards, education and awareness, strategy and framework development, data classification, risk management, cyber security governance and ICT compliance
    Oversee annual penetration test and vulnerability assessment activities
    Participate as a Security Advisor on various requests & initiatives, providing security guidance & direction while ensuring adherence to Eni S.p.A. security policies & standards
    Create and deliver presentations to both technical and non-technical audiences on Cybersecurity topics 
    Perform annual policy/procedure reviews for ICT compliance
    Ensure adherence to Eni S.p.A. ICT regulations as stated by Internal Control
    Perform bi-annual GCC control reviews and submit updates to Corporate
    Participate in ICT Governance updates and strategy
    Coordinate internal and external ICT audit engagements for Eni US Operating Co. Inc., and all related organizations under Service Agreement with Eni US Operating Co. Inc.
    Perform ICT Risk Analysis activities
    Perform other duties as required 

Health, Safety & Environmental Risk Category:  Low

Also, the ICT Manager is giving consideration to candidates who possess the following skill sets:

Critical Thinking:  Ability to think and act both strategically and tactically.
Strong verbal and written communication skills and the ability to prioritize and handle multiple tasks.
Confidence to work independently. 

Office/Hybrid/Remote working:  
While the selected resource will be required to be in the office for the first week or two for training, the selected candidate will have the ability to work a hybrid schedule from the office 3 days a week and from home 2 days a week.   

With over 90 years' combined experience, NES Fircroft (NES) is proud to be the world's leading engineering staffing provider spanning the Oil & Gas, Power & Renewables, Infrastructure, Life Sciences, Mining, Automotive and Chemicals sectors worldwide. With more than 100 offices in 45 countries, we are able to provide our clients with the engineering and technical expertise they need, wherever and whenever it is needed. We offer contractors far more than a traditional recruitment service, supporting with everything from securing visas and work permits, to providing market-leading benefits packages and accommodation, ensuring they are safely and compliantly able to support our clients.
