🌎
This job posting isn't available in all website languages

Senior Analyst - IT Governance, Risk and Compliance

📁
IT
📅
202414 Requisition #
Share this Job

POSITION SUMMARY:

The ITGRC Sr. Analyst will responsible for developing and supporting GRC programs for IT and the Company (i.e., policies, vendor risk, and security awareness) utilizing enterprise GRC tools. 

RESPONSIBILITIES:

•Develop, in conjunction with IT leadership, Legal, HR, and Audit a policy and standards framework and process to craft and maintain policies/standards

•Manage and measure the IT Security Framework using ISO 27001

•Manage a formal risk analysis and self-assessment program for critical information system assets and processes..

•Assist with corporate audit process and provide supporting materials for audit and regulatory requests

•Track and Ensure adequate and timely resolutions to all audit/review issues relating to security

•Conduct Vendor (Third Party) Risk assessments

•Security Awareness Program for the firm.

•Assist managing the Security Awareness Program for the company.

•Create and manage access recertification’s and entitlement reviews for user and privileged access.

•Delivery of security services and programs to the corporation. 

•Develop success criteria and operational processes.

•Provide guidance on security/privacy policies and standard development.

•Develop and implement action plans to address security issues and enhance the security architecture.

QUALIFICATIONS:

•Required

•B.S./B.A. Degree required in Computer Science, Information Technology, Management or related field.

•5+ years of relevant experience.

•CISSP, CISA, CRISC, CISM, SANS GIAC, or relevant security certification(s) required.

•Hands-on experience supporting IT risk management programs around COBIT, NIST, FAIR  ISO or other relevant IT control frameworks

•PCI DSS compliance and audit support

•SOX

•IT General Controls

•Change management

•IT Operations

•Data Privacy

•GDPR

•Third Party Risk management

•Identity and Access management

•Cloud IT Security

•IAAS

•PAAS

•SAAS

•Security Awareness program management

•Strong analytical, prioritizing, interpersonal, problem-solving, and presentation, budgeting, project management (from conception to completion) & planning skills

•Strong verbal and written communication skills

•Strong matrix management and negotiation/mediation skills. 

•Demonstrated leadership and collaborative skills and ability to work well within a team

•Ability to work with and influence senior management

•Ability to work in a fast-paced and deadline-oriented environment

•Self-motivated with critical attention to detail, deadlines and reporting.

•Preferred

•Experience with ITGRC related tools:

•CyberArk

•SailPoint

•Lockpath Keylight

•Audit Command Language (ACL) is preferred.

•Retail IT Security Experience

•Big 4 IT Audit

•Internal IT Audit

•Security Consulting

•Project management

•GRC tool deployment and management

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions
Please try again.

Oops!

Either there was a problem on our end with the action you just performed, or we are currently having technical difficulties with our system. Please try again later.