Compliance Analyst II | Palawan - #84511
- Conduct periodic audits, as deemed necessary, to ensure only authorized Associates are accessing Data. This includes validating access to the bypass door and MDF room is appropriately restricted.
Access Control and Intrusion Detection System
- Ensure the approved Access Control / Intrusion Detection System is installed and operating correctly.
Alarm Arming, Disarming, Masking
- Ensure personnel authorized to open / close the site complete necessary training.
- Ensure guards, if applicable, are trained quarterly on proper procedures.
- Regularly validate shared PINs are reissued per the required cadence. Also validate unique PINs are disabled when the PIN holder terminates employment.
Alarm Monitoring and Response
- In conjunction with periodic tests of access control system, validate alarm monitoring and response procedures aligns with agreed SLAs.
Closed Circuit Television (CCTV)
- Confirm CCTV cameras are positioned properly.
- Validate workstation monitors are not in camera field of view (FOV).
- Ensure periodic reviews and audits of the CCTV system are completed according to policy. In addition to the preceding, audits should confirm retention and image quality meets standards.
Disposal of Physical Data
- Conduct annual policy review, with management, to highlight the importance of proper storage / disposal of confidential data.
- Conduct regular inspection of key areas of scope to ensure compliance with this policy, verify that storage receptacles are locked, and the third party disposal company has provided confirmation that documents were disposed of as required.
- If a third party disposal company is not used, conduct regular review of the Site’s Confidential Information Disposal Log
- Periodically validate new hires have received applicable data handling training, and refresher training has been administered on an annual basis.
- If applicable, review weekly and monthly reports from the Guard Service Provider to ensure issues are identified and addressed.
Main Distribution Frame (MDF)
- Ensure the site’s MDF Room complies will all security requirements listed in the applicable policies and build book.
- Periodically review MDF room access rights and validate only local IT personnel have access.
- Responsible for investigating the root cause of failures to one or all of the Physical Security / Hardware layers. SSF also identifies specific security training and development requirements.
- Manage the completion of regular physical penetration tests and applicable remediation – documenting results on provided template.
Securing Perimeter Openings to Controlled Areas
- Ensure perimeter openings remain properly secured.
- Will ensure approved Security Badges are worn by Associates, Contractors, Vendors, and Visitors while inside a Controlled Area.
Security Reviews, Testing, and Auditing
- Investigate the root cause of failure to any Physical Security / Hardware layer.
Complete all reviews, tests, and audits according to applicable policies:
- SR2 Audits
- Alarm tests
- Commissioning new devices
- Access list audit
- Key log audits
- Camera Audits
Site Key and Lock Control Policy
- Investigate the root cause of key discrepancies.
- Establish and confirm training in area of key control management. Identify specific training and development requirements.
- Conduct Monthly and Semi-Annual key audits.
- Periodically test turnstiles to ensure proper function, and develop plan to mitigate any identified risks by the timeline specified in the Access Control policy.
- Deploy security guards in the event of a turnstile failure. SSF should validate the guard company is provided post orders, is posted at the turnstile around the clock until the defect is corrected, and the ability of said guards to prevent and detect unauthorized access is tested periodically.