The Cyber Security Governance, Risk and Compliance Analyst will support the Cyber Security team to drive the design, implementation and ongoing delivery of:
- Formal Cyber Security Risk Management.
- Cyber Security Policies.
- Cyber Security Compliance.
- Participate in the review and assessment of third-party vendor security controls to ensure compliance with Cyber Security standards.
- Third Party Risk Assessments.
- M&A Cyber Security Due Diligence.
- Disaster Recovery/Business Continuity Planning (DR/BCP).
- Help monitor and ensure compliance with relevant regulatory requirements such as GDPR, HIPAA, ISO 27001, CMMC, NIST CSF, Cyber Essentials, among others.
- Support the development of training and awareness programs for employees to promote a security-conscious culture and adherence to J.S. Held.
- Assist in coordinating internal and external audits and examinations related to Compliance and Cyber Security.
- Aid in the preparation and presentation of GRC reports, metrics and key performance indicators as needed.
- Coordinate annual external penetration test and security assessments utilizing 3rd party.
- Contribute to incident response activities including updating the directory documenting and reporting security incidents and participating in post-incident analysis to identify areas of improvement.
- Stay updated on emerging Cyber Security trends, regulatory changes and industry standards to assist in keeping the organization's GRC practices current and effective.
- Establishing a process for continuous improvement of the Cyber Security program based on lessons learned from incidents, audits and assessments.
Qualifications:
Required Qualifications
- Professional Level / English Fluency (B2.
- Experienced building and executing technology risk frameworks, assessments, reports, metrics, KRIs and utilizing risk management tools to analyze and model risk. Ability to align frameworks and policies to address requirements from frameworks like COBIT, NIST CSF and ISO and regulations such as GDPR, HIPAA, NY500 and CCPA.
- Experience designing and evaluating Cyber Security processes, risks and controls.
- Technical knowledge of Azure, Azure AD, O365, Windows 10/11, iOS and technical controls used to secure Technology assets (Data, Client and Server OS, Network, Applications, SaaS, IaaS, etc.).
- Hands-on Cyber Security compliance program ensuring IT activities, processes and procedures meet defined requirements, policies and regulations.
- Strong oral and written communications skills appropriate for interacting with all levels of staff, vendors and other stakeholders.
- Ability to develop security standards and guidelines based on best practices and industry standards.
- Excellent interpersonal communication and presentation skills, including formal report writing experience.
- Proficiency in analyzing security risks, vulnerabilities and controls within an IT environment.
- Capability to work on multiple tasks with shifting and sometimes conflicting priorities.
- Able to work effectively with other departments to develop effective and efficient solutions.
- Experience designing and implementing information technology processes.
- Demonstrated experience successfully collaborating with remote colleagues.
- Experience working with vendors or managing vendor relationships.
- Experience collaborating with Compliance, Legal, Infrastructure, HR and Security teams.
- Ability to deal with ambiguity and flexibility to work collaboratively with others in a dynamic environment.
Preferred Qualifications
- Bachelor's degree in Computer Science or similar.
- Minimum 8 years of experience in IT Audit, Risk Management or Compliance
- 5 years (Required) Cyber Security
- 3 years (Required) Cyber Security Governance Risk and Compliance (GRC)
- Professional certifications such as CISA, CompTIA Security+, COBIT, CISM are a plus.
Additional Information:
We welcome applications from individuals with disabilities. If you are an individual with a disability and would like to request a reasonable adjustment in relation to any of the above, please email and include "Applicant Adjustment" within the subject line with your request and contact information.
Some of the Benefits We Have Include
J.S. Held understands all of our employees are people and sometimes life needs flexibility. We work to always provide an environment that best supports and suits our teams' needs.
- Our flexible work environment allows employees to work remotely when needed.
- Generous Annual Leave Policy.
- Comprehensive Medical Insurance.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
By submitting your application you acknowledge that you have read the J.S. Held Online Privacy Notice and hereby freely and unambiguously give informed consent to the collection, processing, use and storage of your personal information as required and described therein.
Please explore what we're all about at www.jsheld.
EEO and Job Accommodations
We embrace diversity and our commitment to building a team and environment that fosters professional and personal enrichment is unwavering. We are greater when we are equal!
J.S. Held is an equal opportunity employer that is committed to hiring a diverse workforce. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age or any other characteristic protected by law.
Remote Work: Yes
Employment Type: Full-time