IT Compliance & Information Security Analyst

Job Description
Stefanini Group is hiring!
Stefanini is looking for an IT Compliance & Information Security Analyst, Dearborn, MI (Onsite)
For quick apply, please reach out Fardeen Ali at 248-582-6473/ fardeen.ali2@stefanini.com
We are looking for a candidate who will review cybersecurity laws and policies and analyze its impact on organization. They develop security policies and procedures, review security controls and their efficiency, , and monitor processes for compliance risk and vulnerabilities. They also specialize in managing third party security risk programs
Responsibilities

• Advance company policy priorities on cybersecurity, cybercrime, lawful access, encryption, and related issues through legislative proposals, administrative, and regulatory actions
• Review and assess cybersecurity and cybercrime laws, policies, and initiatives and analyze impact on organization
• Develop security policies and procedures, drive development of technical solutions to implement policies, and manage third party security risk program including risk standards and processes.
• Advise, review, and ensure security controls and their efficiency for IT infrastructure deployed globally.
• Monitor processes for compliance risk and vulnerabilities and escalate non-compliance issues to key stakeholders.
• Establish and maintain good working relationships with government affairs and public policy representatives of other companies to achieve objectives

Skills Required

• Risk Assessment, Risk Management, Compliance Professional, Auditing, Information Security

Experience Required

• Senior Specialist with 7+ experience in relevant field.
• Act as a subject matter expert for IT security, risk mitigation, and control implementation.
• Conduct targeted risk assessments aligning the company's security posture with state agency requirements. Evaluate risks of non-compliance and assess adherence to standards (e.g., NIST, CSF).
• Oversee the lifecycle of identified security deficiencies. Develop and document remediation plans for gaps in state-mandated controls. Communicate the organization's risk-handling strategy to state regulators.
• Interpret state cybersecurity regulations and frameworks (e.g., NYDFS, CCPA/CPRA).
• Prepare for "audit-ready" submissions by organizing necessary evidence to support questionnaire responses.
• Translate complex technical architectures into clear responses for state-level inquiries.
• Strategically consolidate global IT regulatory requirements.
• Work closely with Credit Privacy and Compliance Attorneys on IT regulatory requirements.
• Manage user stories and backlogs within JIRA to integrate compliance activities into the technology roadmap.

Education Required

• Bachelor's Degree
• Listed salary ranges may vary based on experience, qualifications, and local market. Also, some positions may include bonuses or other incentives\*\*\*

Stefanini takes pride in hiring top talent and developing relationships with our future employees. Our talent acquisition teams will never make an offer of employment without having a phone conversation with you. Those face-to-face conversations will involve a description of the job for which you have applied. We will also speak with you about the process, including interviews and job offers.
About Stefanini Group
The Stefanini Group is a global provider of offshore, onshore and near shore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like the Americas, Europe, Africa, and Asia, and more than four hundred clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting company with a global presence. We are a CMM Level 5 company.