The Information Technology (IT) group at World Acceptance builds, implements and maintains innovative and powerful technology solutions for World’s operations. With over 1200 branches in the US, we are one of the largest small-loan consumer finance companies in the United States and with continued growth, our team is prepared to protect those technologies and users with security from potential risks.
Essential Duties and Responsibilities:
Assisting the company’s information security program ensuring all IT policies and procedures are documented and updated according to regulatory standards by collaborating with internal departments and maintaining version control documentation.
Providing SOX and PCI subject matter expertise for testing IT Sarbanes-Oxley controls and liaison between audit and business personnel. Collaborating on identified program recommendations and deficiencies from internal and external resources and assist with determining mitigation strategies.
Supporting the Information Security department by performing vendor risk assessments including vendor security posture, compatibility with existing enterprise solutions and compliance with internal controls and external regulations and requirements.
Assist with the development and maintenance of the Business Continuity Plan and IT Disaster Recovery Plan by collaborating with key stakeholders, identifying risk, leading exercises and drills to meet compliance requirements and to ensure readiness in the event of an actual declaration.
Assist with IT’s Change Management Program by working with requestors, approvers and implementers to foster understanding of the change process and ensure compliance to the change management policy. Coordinate and conduct meetings with the Change Advisory Board.
Initiates, facilitates and promotes activities to create information security awareness program procedures. Assists with the design and development of comprehensive security training, education and awareness programs.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required:
Knowledge of industry regulations and standards (i.e. PCI, CIS, SOX, NIST) as well as core technology infrastructure (i.e. firewall, VPN, server, database).
Proven experience interacting with regulators, internal auditors and/or external auditors.
Broad knowledge of DR/BCP practices.
Working knowledge of risk management frameworks.
Self-motivated and sharp attention to detail.
Excellent sense of urgency and drive to get things done.
Demonstrated analytical and problem-solving skills.
Superior organizational skills.
Excellent listening and communication skills.
Ability to work with other WAC business units to achieve broader IT goals and objectives.