Audit and Compliance Specialist

Posted 21 Days Ago
Hiring Remotely in Dulles, VA
Remote
119K-125K Annually
1-3 Years Experience
Aerospace • Travel
The Role
The Audit and Compliance Specialist at ATPCO will ensure compliance with various legal and regulatory frameworks, conduct internal audits, prepare for external audits, support third-party risk management, and identify process improvements. This role involves collaboration with various teams to remediate audit findings and maintain compliance documentation.
Summary Generated by Built In

Company Description

ATPCO is the foundation of flight shopping, providing pricing and retailing data, tools, and services to 500+ airlines, global distribution systems, sales channels, and technology companies. In addition, ATPCO links the entire airline community together, collaborating to develop industry standards for airline distribution and end-to-end technology solutions. As a result, ATPCO solutions work seamlessly across existing, new, and evolving technologies and methods from shopping to settlement. Airline-owned and reliably supporting air travel for more than 55 years, ATPCO is everywhere people buy flights.

We consider qualified applicants for employment without regard to race, gender, age, color, religion, national origin, citizenship status, marital status, disability, sexual orientation, protected military/veteran status, gender identity or expression, genetic information, marital status, medical condition, or any other legally protected factor.

Job Description

ATPCO is seeking a highly skilled and detail-oriented Audit and Compliance Specialist to ensure ongoing compliance with Legal and Regulatory Frameworks such as PCI-DSS, ISO 27001, and ISO 27701 standards, General Data Protection Regulation (GDPR), Data Privacy Framework (DPF), Internal Compliance Audits, and other Legal and Regulatory frameworks. The ideal candidate will have a strong background in audit preparation, working closely with auditors, collaborating with various teams to remediate audit findings, and supporting Third-Party Risk Management activities


Key Responsibilities:


  1. Ensuring Ongoing Compliance:
  • Continuously monitor and stay updated with changes in PCI-DSS, ISO 27001, and ISO 27701 standards.
  • Ensure all policies, procedures, and practices comply with regulatory and organizational requirements.
  • Conduct regular internal audits and risk assessments to identify areas of non-compliance.
  • Develop and implement corrective action plans to address any identified gaps.
  1. Audit Preparation:
  • Maintain comprehensive and accurate documentation of all compliance-related activities, policies, and procedures.
  • Ensure all records are readily available for audit purposes.
  • Coordinate with various departments to gather necessary documentation and evidence for audits.
  • Conduct pre-audit reviews to ensure readiness and compliance.
  1. Audit Support:
  • Serve as the primary point of contact for external auditors.
  • Facilitate communication between auditors and internal teams.
  • Provide auditors with required documentation, explanations, and evidence.
  • Address any questions or concerns raised by auditors promptly and accurately.
  • Review audit findings and collaborate with relevant teams to develop and implement remediation plans.
  • Track and document the progress of remediation efforts resulting from audit findings to ensure timely resolution.
  • Identify opportunities for process improvements to enhance compliance and reduce the risk of future findings.
  • Implement best practices and lessons learned from previous audits.
  1. Third-Party Risk Management and ATPCO Security Assessments:
  • Conduct risk assessments and due diligence on third-party vendors to ensure they meet ATPCO's security and compliance standards.
  • Maintain a database of third-party risk assessments and ensure regular updates and reviews.
  • Collaborate with the procurement and legal teams to ensure that all third-party contracts include necessary compliance and security requirements.
  • Monitor third-party compliance with agreed-upon security and compliance standards.
  • Facilitate RFP processes and address customer security self-assessment questionnaires regarding ATPCO’s information security controls.
  • Document and report on third-party incidents and their impact on ATPCO’s compliance posture.
  1. Training and Awareness:
  • Develop and deliver training programs to ensure staff are aware of compliance requirements and best practices.
  • Promote a culture of compliance within the organization through ongoing awareness training campaign.

Qualifications:

  • Bachelor’s degree in Information Security, Compliance, or a related field.
  • Professional certifications such as CISA, CISM, CISSP, or equivalent are highly desirable.
  • Extensive knowledge of PCI-DSS, ISO 27001, and ISO 27701 standards.
  • Proven experience in audit preparation, conducting internal audits, working with external auditors, and third-party risk management.
  • Strong analytical, problem-solving, and communication skills.
  • Ability to work collaboratively with cross-functional teams.
  • Detail-oriented with a high level of integrity and accountability.

Benefits:

  • Competitive salary and benefits package.
  • Opportunities for professional growth and development.
  • Collaborative and dynamic work environment.
  • Promote a culture of compliance and ethical behavior within the organization through ongoing awareness campaigns.

Salary Range: USD $119,000 to $125,000

*The disclosed range estimate has not been adjusted for applicable geographic differential associated with the location*

Additional Information

All your information will be kept confidential according to EEO guidelines.

The Company
HQ: Dulles, VA
561 Employees
On-site Workplace
Year Founded: 1965

What We Do

The foundation of flight shopping. Trusted leader in airline pricing and retailing content working with 440+ airlines and 200+ channels.

Jobs at Similar Companies

Spotnana Logo Spotnana

Senior Software Engineer, Backend

Big Data • Cloud • Information Technology • Software • Travel
Easy Apply
Hybrid
Bengaluru, Karnataka, IND
356 Employees
Easy Apply
Lafayette, CO, USA
55 Employees

Doodle Labs Logo Doodle Labs

Marketing Manager

Aerospace • Hardware • Internet of Things • Robotics • Wearables • App development • Automation
Hybrid
Los Angeles, CA, USA
50 Employees
90K Annually

Similar Companies Hiring

Spotnana Thumbnail
Travel • Software • Information Technology • Cloud • Big Data
New York, NY
356 Employees
Doodle Labs Thumbnail
Wearables • Robotics • Internet of Things • Hardware • Automation • App development • Aerospace
SG
50 Employees
Orbit Fab Thumbnail
Hardware • Aerospace
Lafayette, CO
55 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account