
IT Security Risk and Compliance Specialist

Job in Cedar Falls, Black Hawk County, Iowa, 50613, USA
Listing for: Veridian Credit Union
Full Time position
Listed on 2026-01-13
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 80,000 - 100,000 USD yearly
Job Description & How to Apply Below
Position: IT Security Risk and Compliance Specialist - FT

Summary

The IT Security Risk and Compliance Specialist is responsible for supporting and maintaining Veridian's Information Security and Privacy compliance programs. This role ensures adherence to regulatory, industry, and internal requirements through monitoring controls, conducting assessments, managing evidence, and partnering with business units to strengthen the organization’s security posture.

Essential Functions
  • Maintain and support Veridian's Information Security compliance frameworks (e.g. ISO 27001, PCI DSS v4, CSF 2.0, CIS Controls) and ensure alignment with industry best practices.
  • Oversee ongoing compliance activities, including evidence collection, control testing, documentation updates, and remediation tracking.
  • Administer the IT Security Compliance/GRC (Auditboard Cross Comply) platform and partner with Enterprise Risk to align controls with KPIs and reporting requirements.
  • Assist with mapping data flows across the organization ensuring compliance with privacy, security, and regulatory obligations.
  • Support standards and procedure development to ensure they reflect regulatory requirements and organizational objectives.
  • Serve as the primary internal subject matter expert for PCI DSS. Coordinate and validate evidence, support annual PCI assessments, assist with compensating controls, and interface with external QSAs and auditors.
  • Perform periodic assessments of technical and administrative controls to evaluate compliance effectiveness and identify gaps or deficiencies.
  • Conduct control testing, reviews, and continuous monitoring activities to ensure systems and processes meet regulatory expectations.
  • Partner with internal and external auditors or assessors to prepare assessments, gather required artifacts, respond to inquiries, and track remediation activities. Provide regular, clear, and concise reporting to IT Security Management communicating the effectiveness of standards and compliance requirements.
  • Communicate compliance gaps, control weaknesses, or control risks. Provide guidance and support to stakeholders in understanding compliance findings, resolving audit exceptions, and implementing corrective actions.
  • Support IT Security Team with risk reduction initiatives, compliance-driven projects, and continuous improvement activities that strengthen the organization’s security posture.
  • Perform due diligence on third-party vendors to assess security posture, compliance with regulatory requirements, and alignment with organizational standards.
Key Attributes
  • Oral and written communication skills.
  • Member service focus.
  • Attention to detail and accuracy.
  • Positive attitude that supports a team environment.
  • Dependable and punctual; flexible during peak times.
  • High level of confidentiality.
  • Organizational skills.
  • Self-motivated; ability to work without close supervision.
  • Problem solving; analysis.
Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job:

  • Occasionally lift and/or move items over 50 pounds.
  • Remain sedentary (seated) for extended periods of time.
Working Conditions

This job operates in a professional office environment and routinely uses standard office equipment.

Travel

Limited travel expected.

Required

Education and Experience
  • Bachelor's Degree in Computer Science, Information Systems, or related field or equivalent combination of education, training, and experience of 8+ years.
  • 3+ years of experience with practical knowledge of regulatory standards such as NCUA, FFIEC, HIPAA, GLBA and PCI DSS.
  • 1+ years of strong experience with IT Security frameworks such as NIST, CSF, CIS, and ISO 27001:2022.
  • 1+ years of experience conducting control assessments, managing compliance evidence, or supporting audits.
Preferred

Education and Experience
  • 5+ years of experience working with information security compliance standards.
  • 3+ years of experience working with privacy regulations.
  • Knowledge of 3 or more key compliance or regulatory standards related to financial institutions.
  • Certification in audit practices, security, or privacy standards such as CISA, PCI IAS, and CISM.
Other Duties

Veridian Credit Union…
