IT GRC Analyst

Job title: IT GRC Analyst

Job description: The IT GRC Analyst will work with various stakeholders to develop, maintain, and enhance controls and implement a risk-based approach when evaluating organizational technology requirements. It will also help develop risk and compliance strategies and create, improve, and monitor company’s cybersecurity controls. **KEY RESPONSIBILITIES:** • Help define and lead the implementation of an enterprise-wide strategy focused on the reduction of technology risk • Work with IT, business, and internal and external audit teams to perform security and compliance assessments on new and existing systems, processes, and technologies • Participate in disaster recovery and business continuity planning and testing • Lead efforts to achieve compliance with various frameworks and regulations by consulting and working with the relevant IT and business staff and control owners • Perform periodic gap assessments to validate compliance on an ongoing basis to ensure that proper controls are in place and risks are appropriately mitigated **MINIMUM QUALIFICATIONS REQUIRED:** • 3+ years of relevant experience in the IT risk, security, compliance, or audit field • Experience working with security management tools • Working knowledge and experience with the PCI and SOX compliance processes • Working knowledge of Information Security best practices and standards such as COBIT, ISO 27000 Series, PCI DSS • Excellent writing and verbal communication skills, interpersonal and presentation skills, and proven ability to influence and communicate effectively with all levels of staff • Ability to understand how the business functions and how to balance cybersecurity risk and compliance needs with organizational goals • Bachelor’s degree in Information Systems, Cybersecurity, or a related field

Click Here to Apply

Source: