Senior Governance Risk & Compliance Specialist

Website EBSCO Industries

EBSCO Industries, Inc. (EBSCO), headquartered in Birmingham, Alabama, is one of the largest privately held and family-owned companies in the United States. EBSCO was founded in 1944 by an entrepreneur who was passionate about honoring our commitments to our customers, rejecting the status quo, and seeking to continuously improve our team. We continue to operate that way today, with a passion for our people and our businesses succeeding together. EBSCO has grown and evolved over time into a holding company with a global portfolio comprised of dozens of entities in over 15 separate industries/markets, including Information services, outdoor products, real estate, manufacturing and distribution, and insurance services. We provide valuable support services to our subsidiaries to support their growth. We hire passionate people, driven to grow, because we know the success of EBSCO depends on the long-term success of our businesses and our teams.

EBSCO’s Corp IT team is looking for a new member for their Information Security Team. The Senior Governance Risk and Compliance Specialist under general supervision, ensures proactive compliance within all departments of the organization based on industry best practices. The compliance specialist will train employees on industry standards, develop policies, and evaluate compliance through auditing and security assessments. To be successful, the analyst must possess a strong background in regulatory guidelines to lead the organization toward excellence in compliance.

Job Responsibilities

  • Must stay up to date on the latest security trends, vulnerabilities, privacy legislation, and news items and communicate new finding with other team members.
  • Documents policies, procedures and standards based upon guidance from Corporate Security Management.
  • Recommends and leads changes in security policies and practices in accordance with changes in law.
  • Research mechanisms and tools for control compliance.
  • Leads periodic audits of business entities to ensure continued compliance.
  • Provide Incident Response management for the enterprise and support of business units as needed.
  • Provide consultative security expertise to business units and Corporate IT teams in support of projects as needed.
  • Continuous monitoring and research of real time alerts.
  • Track and report of policy violations.

Job Requirements

  • Outstanding organizational, interpersonal and communication (written and verbal) skills.
  • 3-5+ year experience with various standards (PCI/DSS, SOX, FedRAMP HIPAA etc.)
  • 3-5+ years’ experience in an Information Technology security role.
  • Bachelor’s Degree
  • Strong background in M365 Compliance Center, ServiceNow GRC Module, and Knowbe4 Training Security Awareness Training
  • Solid understanding of security technologies (NextGen firewalls, vulnerability management, endpoint security, DLP, etc.)

Preferred Skills

  • Ability to manage changing workloads while maintaining a sense of priorities and delivering quality service within required timeframes.
  • Ability to learn new technologies and applications and apply that knowledge to daily workflows.
  • Attention to detail, organized and able to work and research independently.
  • Demonstrated adaptability, analytical and problem-solving ability, and attention to detail.
  • Solid understanding of web application security/OWASP Top10

We are an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. We strictly prohibit and do not tolerate discrimination against employees, applicants, or any other covered persons because of race, color, sex, pregnancy status, age, national origin or ancestry, ethnicity, religion, creed, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, training, promotion, discipline, compensation, benefits, and termination of employment. We comply with the Americans with Disabilities Act (ADA), as amended by the ADA Amendments Act, and all applicable state or local law.


Nearest Major Market: Birmingham

Job Segment: Compliance, Law, Real Estate, Information Security, Legal, Sales, Technology

To apply for this job please visit careers.ebscoind.com.