
Principal IT Gov Risk & Compliance - 90294979 - Washington

Washington, DC 20004

Your success is a train ride away.

Amtrak connects businesses and communities across the country and we move America's workforce toward the future. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our priority and the success of our railroad is the result of our employees.

Are you ready to join our team?

The Principal Risk & Compliance Specialist is an experienced internal auditor proficient in risk management key controls and standards, supporting, overseeing and monitoring the Company's IT control environment and ensuring IT control findings and risk exposures are identified and addressed in a timely manner. The position evaluates IT infrastructure, operations, and application systems with the goal of ensuring that the design and operating effectiveness of the IT controls are upheld. Work plans and measures are instituted to achieve scope and objectives, potential risks are assessed, and adequate key IT controls meet Internal Audit Standards. This role manages all non-security related policies and procedures, ensuring the policies are reviewed periodically and updated as needed.

Manages all non-security related policies and procedures.
Owns the IT policy catalog / repository and conducts IT policy reviews.
Facilitates risk assessments to evaluate, prioritize, and quantify the potential impact of risks and vulnerabilities associated with controls, systems, and findings.
Coordinates and tracks finding responses, supports efforts to mitigate identified risks and threats, and evaluates the documented Plan of Action & Milestones (POA&M) required for each finding.
Works closely with various departments across Amtrak to support a consistent enterprise-wide risk program based on the NIST Risk Management Framework.
Identifies and documents potential risks in a centralized risk register with associated risk assessments and mitigating controls.

Reviews, revises, and where appropriate, proposes new policies and procedures to ensure compliance with applicable laws and regulations.
Leads IT Risk & Compliance team members through development of new or updated IT related policies.
Identifies major risk factors which may prevent Amtrak from achieving its strategic, operational, financial reporting and compliance objectives.
Assumes audit or review lead for multiple Amtrak IT audit projects concurrently, ranging from simple to complex.
Plans and manages compliance testing initiatives, including audits of internal controls, identifying internal IT controls, assessing design compliance and operational effectiveness, determining risk exposures and developing remediation plans.
Creates budget forecasts and participates in the development of IT audit budgets. Tracks and takes appropriate steps to stay within budget.
Works with the Director IT Risk & Compliance and other appropriate leadership to formulate, develop and review audit responses.
Generates appropriate communication, process and educational plans for mitigating the disruption of change. Identifies and removes obstacles to change.
Effectively performs all IT Controls as applicable.

Bachelor's Degree in accounting, information systems or computer science with 7+ years relevant experience or equivalent work experience
11+ years of relevant work experience to satisfy education and experience requirements
Certified Information System Auditor (CISA)
Experience performing integrated audits
Familiarity with the risk-based audit approach.
Familiarity with industry frameworks (e.g. COSO, COBIT, NIST, etc.), best practice and methodologies
Must possess strong communication and interpersonal skills, work well with others in an integrated team environment, and must be self-motivated
Strong written communication skills.

Master's Degree
Experience working in large, complex companies that rely heavily on real-time 24x7 operations to successfully service external customers
Experience in the transportation industry.
SAP ERP security audit experience
At least 7 years of broad IT audit experience to include executing internal audit or risk management consulting engagements.

Must have excellent oral and written communication skills.


Requisition ID: 62241
Posting Location(s): District of Columbia
Job Family/Function: Information Technology
Relocation Offered: No
Travel Requirements: Up to 25%

Amtrak employees power our progress through their performance.

We want your work at Amtrak to be more than a job; we want it to be a fulfilling experience where you find challenging and rewarding opportunities, respect among colleagues, competitive pay, benefits that protect you and your family, and a high performance culture that recognizes and values your contributions and helps you reach your career goals.

We proudly support and encourage U.S. Veterans to apply for Amtrak job opportunities.

All positions require pre-employment background verification, medical review and pre-employment drug screen. Amtrak is committed to a safe and drug-free workplace and performs pre-employment substance abuse testing. All new hires are required to undergo a hair drug test which detects the presence of illegal drugs for months prior to testing. Marijuana, notwithstanding any statute, ordinance, regulation, or other law that legalizes or decriminalizes the use or possession of marijuana, whether for medical, recreational, or other use. Candidates who engage in the usage of marijuana will not be qualified for hire. We appreciate your cooperation in keeping Amtrak safe and drug-free.

In accordance with DOT regulations (49 CFR section 40.25), Amtrak is required to obtain prior drug and alcohol testing records for applicants/employees intending to perform safety-sensitive duties for covered Department of Transportation positions. If an applicant/employee refuses to provide written consent for Amtrak to obtain these records, he/she will not be permitted to perform safety-sensitive functions.

Note that any education requirement listed above may be deemed satisfied if you have an equivalent combination of education, training and experience.

Amtrak is an Affirmative Action/Equal Opportunity Employer and we welcome all to apply. We consider candidates regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability (including blindness), or veteran status.

POSTING NOTES: Information Technology|| Corporate Jobs



  • Transportation
Posted: 2021-09-08 Expires: 2021-10-08

Amtrak, the national rail operator, connects America in safer, greener and healthier ways. With 21,000 route miles in 46 states, the District of Columbia and three Canadian provinces, Amtrak operates more than 300 trains each day — at speeds up to 150 mph — to more than 500 destinations. Amtrak is the operator of choice for state-supported corridor services in 17 states and for four commuter rail agencies.
