Junior GRC Analyst

Who is Forcepoint

Forcepoint simplifies security for global businesses and governments. Forcepoints all-in-one truly cloud-native platform makes it easy to adopt Zero Trust and prevent the theft or loss of sensitive data and intellectual property no matter where people are working. 20 years in business. 2.7k employees. 150 countries. 11k customers. 300 patents. If our mission excites you youre in the right place; we want you to bring your own energy to help us create a safer world. All were missing is you!

Description

The Junior GRC Analyst role is focused on supporting Forcepoints Information Security (IS) - Governance Risk and Compliance (GRC) team in several key focus areas. This role requires strong communication skills a process-oriented mindset and IT technical skills. From a governance and compliance standpoint this includes preparation evidence collection control monitoring and remediation and audit support of required cyber-security compliance controls. Additionally this role will serve as lead in responding to customer compliance requests and security questionnaires on behalf of the GRC team. The Junior GRC Analyst will also support third-party risk assessments as part of new vendor onboarding and recurring vendor assessment requirements. The Junior GRC Analyst will conduct annual reviews of Information Security policies procedures and standards to ensure they are maintained and aligned with applicable certification controls.

Responsibilities

Support the Senior GRC Expert with planning and execution of internal and external IS security audits across an organization and other compliance audit preparedness and certification initiatives.

Review and development of IS Policies Procedures and Plans on an annual basis. This requires the ability to effectively conduct research strong writing and communication skills and the ability to engage key stakeholders for review and support of policy controls. This responsibility requires a process-oriented individual with experience in developing process/workflows.

Apply existing company policies and standards and applicable industry regulations to assist with planning maintaining and operating compliance activities and metrics.

Collaborate with personnel both inside and outside the organization to educate them on audit related cyber-security control requirements develop and generate evidence requests collect artifacts/evidence conduct reviews and track and report associated metrics for reporting purposes.

Daily reviews of the teams GRC platform including security and compliance processes ensuring they are appropriately documented control monitoring issues are identified and action is taken for appropriate remediation.

Coordinate with business units and technical teams for implementation of remediation measures where deficiencies are identified.

Serve as the GRC lead with responding to customer requests for GRC compliance and security information as part of onboarding due diligence requests and customer recurring vendor security reviews of Forcepoint.

Implement new vendor onboarding security reviews and recurring reviews through third-party risk assessments.

Support GRCs risk management program with the risk assessment and remediation tracking processes.

Position Requirements

Formal Education & Qualifications

Education: Bachelors degree Information Technology Information Security Business or equivalent.

Experience: 1 3 years in GRC risk management or related IS field.

Certifications: IS certifications a plus (e.g. CISSP CISA CISM SANS CRISC or equivalent). If no comparable certifications willingness work toward them.

Knowledge & Experience

Experience mapping and rationalizing IT controls to meet requirements across multiple information security/technology compliance standards (e.g. ISO 27001 SOC 2-Type2 IT General Controls).

Technical background / education in IT and/or cyber security

Process mapping - Ability to map and develop process workflows / diagrams.

Familiarity with compliance tools/platforms is a plus.

Experience in audit processes for cyber-security certification compliance.

Excellent written and verbal communication skills.

Understanding of cloud technologies and SaaS platforms preferred.

Personal Attributes and Skills

Experience working independently and with cross functional teams.

Exceptional personal and professional integrity.

Analytical and problem-solving abilities.

Ability to multi-task and effectively prioritize and execute tasks in a fast paced and changing environment.

Proven experience in interfacing and collaborating with people with diverse backgrounds and experience.

Excellent written oral and interpersonal communication skills.

Ability to effectively implement research and summarize data..

Ability to present ideas in both business-friendly and IT-friendly language.

Highly self-motivated and proactive personality.

Keen attention to detail.

Dont meet every single qualification Studies show people are hesitant to apply if they dont meet all requirements listed in a job posting. Forcepoint is focused on building an inclusive and diverse workplace so if there is something slightly different about your previous experience but it otherwise aligns and youre excited about this role we encourage you to apply. You could be a great candidate for this or other roles on our team.

The policy of Forcepoint is to provide equal employment opportunities to all applicants and employees without regard to race color creed religion sex sexual orientation gender identity marital status citizenship status age national origin ancestry disability veteran status or any other legally protected status and to affirmatively seek to advance the principles of equal employment opportunity.

Forcepoint is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you are a qualified individual with a disability or a disabled veteran you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Companys career webpage as a result of your disability. You may request reasonable accommodations by sending an email to .

Forcepoint is a Federal Contractor. Certain positions with Forcepoint require access to controlled goods and technologies subject to the International Traffic in Arms Regulations or the Export Administration Regulations. Applicants for these positions may need to be U.S. Persons as defined in these regulations. Generally a U.S. Person is a U.S. citizen lawful permanent resident or an individual who has been admitted as a refugee or granted asylum.

Applicants must have the right to work in the location to which you have applied.