Share this Job

IT Compliance Specialist

Date: Sep 25, 2022

Location: Atlanta, GA, US, 30308

Company: Norfolk Southern Corp.

#LI-JK1 #LI-Hybrid


Job Description

The IT Compliance Specialist at Norfolk Southern supports the development and implementation of compliance programs, policies, reporting, and practices. We are looking for an IT Compliance Specialist that will work with the team to ensure that our IT operations comply with legal regulatory standards, procedures, and policies. Your duties will include working with IT departments to comply with internal and external audits, identify gaps in Information Security policies and work with the Security Architecture team to fulfill them, work on data privacy activities and training, work with the Security Awareness team to develop and deliver effective compliance training,  among other functions.


To be successful as an IT Compliance Specialist, you should be able to identify compliance issues and recommend solutions. You should also have strong analytical thinking skills and be able to maintain meticulous records of compliance activities.

Principal Duties:

  • Provide support to IT departments with internal and external audit requests.
  • Track and coordinate IT teams’ responses to IT Audits.
  • Provide support on SOX related and other assessments (internal and with external auditors) to ensure that controls are functioning effectively and are adequate.
  • Provide support during reviews of security policies, procedures, standards
  • Work with the Security Awareness team in developing and providing employee training on compliance, policies, and best practices.
  • Maintain records of compliance activities.
  • Work with inter disciplinary teams as needed.
  • Provide support in creating reports and metrics of compliance activities.


  • Strong self-motivation, self-management, and time management skills, with the ability to work under pressure, prioritize work, meet targets, and intensify when appropriate while staying professional and positive.
  • Attention to details, Strong analytical and critical thinking skills, and documenting and reporting skills.
  • Excellent listening, communication (written and verbal) and interpersonal skills with the ability to communicate with all levels within the organization, including both technical and non-technical personnel.
  • Basic knowledge of US compliance regulations and requirements such as PCI, SOX, as well as various data security and privacy frameworks (NIST CSF, NIST SP800-53)
  • Understanding of core IT general control processes (e.g., Change Management, System Development Lifecycle, Information Security, IT Operations etc.)
  • Understand and use of basic project management methodologies, including the ability to plan, manage and maintain a complex, organization wide program over the longer term
  • Excellent relationship-building skills

Job Related Experience:

Preferred Level: 2+ years of compliance, auditor, or relevant work experience in one or more of the following fields: information security, risk management, IT operations or another related field


Preferred Level: Bachelor’s Degree (BS)

Preferred Majors: computer science, information technology or management information systems, business administration with an emphasis in accounting or technology.


  • CRCMP, CISA, CRISC, CISM or other industry certifications will be considered a plus
  • Knowledge of security standards: NIST Cyber Security Framework, NIST SP800-53, COBIT, SOX

Company Overview

Norfolk Southern Corporation (NYSE: NSC) is a Fortune 300 organization and one of the nation’s premier transportation companies. Its Norfolk Southern Railway Company subsidiary operates approximately 19,500 route miles in 22 states and the District of Columbia, serves every major container port in the eastern United States, and provides efficient connections to other rail carriers. Norfolk Southern is a major transporter of industrial products, including chemicals, agriculture, and metals and construction materials. In addition, the railroad operates the most extensive intermodal network in the East and is a principal carrier of coal, automobiles, and automotive parts.


At Norfolk Southern, we believe in celebrating our individuality. By leveraging the unique backgrounds and viewpoints of our employees, we can create a culture of innovation, respect, and inclusion. We know that employees thrive in a workplace where differing viewpoints, ideas, and experiences are freely shared and valued. As such, we encourage all employees to contribute their distinctive skills and capabilities to our organization.


Equal employment opportunities are available to all applicants regardless of race, color, religion, age, sex, national origin, disability status, genetic information, veteran status, sexual orientation, and gender identity. Together, we power progress.


Nearest Major Market: Atlanta