IT Compliance Analyst in Nashville, TN at Books-A-Million, Inc.

Date Posted: 4/4/2019

Job Description

The Compliance Analyst will be responsible for ensuring the company adheres to industry and legal standards and in-house policies related to compliance and security matters. In addition, the analyst implements the policies, procedures, and programs that protect the organization’s data, software, and systems from unauthorized modification, destruction, and disclosure, and that support operational compliance.

Job Requirements

Roles and Responsibilities

  • Utilizing strong knowledge of PCI and other IT compliance areas, implement best practices that will help prevent data breaches and in turn increase customer trust
  • Review the work of colleagues when necessary to identify compliance issues and provide advice or training
  • Implement control systems to prevent or deal with violations of legal guidelines and internal policies
  • Evaluate the efficiency of controls and improve them continuously
  • Manage IT control systems and processes to prevent or manage remediation of deficiencies to IT compliance guidelines and internal policies
  • Maintain relevant technical documentation and process flow diagrams
  • Design and schedule regular security awareness training for employees
  • Assess and test effectiveness of security awareness testing
  • Oversee vulnerability management procedures
  • Oversee incident response procedures
  • Conduct periodic risk assessments and security testing
  • Conduct periodic access reviews
  • Conduct periodic firewall reviews
  • Conduct periodic business continuity testing
  • Keep abreast of regulatory developments within or outside of the company as well as evolving best practices in compliance control

Qualifications and Education Requirements

  • Bachelor's degree from a four-year college or university with course work in information systems or equivalent experience
  • Minimum of 4 or more years of experience in a similar role, with a proven record of successfully implementing IT compliance strategy


Preferred Skills

  • Experience with policy and control implementation to meet industry standards and regulatory requirements
  • Proven ability to perform the necessary functions to establish and maintain PCI compliance
  • Familiarity with e-discovery, breach notification and privacy regulation
  • Familiarity with NIST CSF and CIS Top 20
  • Strong technical background in computer networks, application architecture, and technical security controls preferred.
  • Familiarity with security scanning, firewalling, SIEM, identity management a plus.

Physical and Environmental Requirements

  • Must be able to sit at a computer or desk for extended periods of time.
  • Must be able to use hands/arms to operate keyboard, telephone and for repetitive motion activities.
  • Must be able to lift objects up to 25 lbs. with or without assistance.
  • Must be able to communicate using speech, sight, and sound with or without assistive device.
  • Must be able to stand, walk, stoop or crouch while performing daily activities of the job.