Governance, Risk and Compliance Analyst
Governance, Risk and Compliance Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Flexera saves customers billions of dollars in wasted technology spend. A pioneer in Hybrid ITAM and FinOps Flexera provides award-winning data-oriented SaaS solutions for technology value optimization (TVO) enabling IT finance procurement and cloud teams to gain deep insights into cost optimization compliance and risks for each business service. Flexera One solutions are built on a set of definitive customer supplier and industry data powered by our Technology Intelligence Platform that enables organizations to visualize their Enterprise Technology Blueprint in hybrid environmentsfrom on-premises to SaaS to containers to cloud.
Were transforming the software industry. Were Flexera. Withmore than 50000 customersacross the world were achievingthat goal.Butwe knowwe cant do any of that without our team.Ready to help us re-imagine the industry during a time of substantial growth and ambitious plans Come and see whywere consistently recognized by Gartner Forrester and IDCas a category leader in the marketplace.Learn more at
About Flexera
Flexera delivers industry-leading technology value optimization solutions that enable you to inform your IT so you can transform your IT. From on-premises to the cloud you get the IT asset data you need to right size reallocate spend reduce risk and maximize ROI. Our innovative technology has consistently positioned us as a Leader in the marketplace - recognized by Forrester Gartner and IDC for the breadth and depth of our solutions.
Job Description
The Cybersecurity-Governance Risk and Compliance Analyst will work very closely with the GRC Manager to oversee our ISO 27001 and SOC 2 Type II certifications and evaluate additional security frameworks. This role will also take part in addressing customer assessment questionnaires and audits both pre/post-sales.
Mandatory Skills:
- Work together with GRC Manager to Manage and sustain the companys multiple security certifications.
- Continuously review the ISO 27001 Information Security Management System to ensure compliance and annual recertification eligibility.
- Conduct risk assessments maintain the risk register report on risk and work with various internal teams to mitigate risks across the organization.
- Proactively identify areas for improvement within the security program and lead efforts to address and remediate these areas.
- Manage the companys vendor risk management program.
- Ensure organizational readiness for external audits.
- Manage pre- and post-sales customer assessment questionnaires and customer audits.
- Maintain comprehensive information security documentation including policies procedures standards guidelines and diagrams.
- Recommend and implement policy and procedure changes in response to evolving security landscapes.
- Collaborate with various teams to integrate compliance and risk management processes into daily operations.
- Understand the role of systems and technology within the firm and their value to the business.
- Work with IT and business units to implement effective cybersecurity measures and integrate security practices into business processes.
- Assisting with data governance activities producing data flow diagrams and guiding information rights management/protection.
- Market the security program externally putting together collateral to speak to the robustness of the program.
Experience & Qualifications
- Computer Science Degree or substantial equivalent experience
- Experience with implementing and maintaining ISO 27001 program
- Experience with Third Party Security Assessment
- Experience with Customer Questionnaire and assessments
- Relevant industry certifications
- Experience working with IT and Security leadership to define & articulate security strategies and program plans.
Overall IT/Security Experience: 4 years
Role Specific Experience: 2 years
Who You Are
Only those that possess the below qualities should apply maintaining the status quo is not good enough we are a team of people who are never done we always strive to improve.
Team Collaborator: Work across internal and external teams of all levels to proactively support the business
Outcome driven: Pursue impactful initiatives that move the needle on SOC operational effectiveness
Effective Communicator: Delivers complex information in a confident and convincing manner appropriate to a diverse audience.
Inquisitive: A propensity to find out why something is the way it is look under the covers see if it can be improved.
Analytical: Gather data from multiple sources find areas of weakness or risk and come up with solutions
Flexera is proud to be an equal opportunity employer. Qualified applicants will be considered for open roles regardless of age ancestry color family or medical care leave gender identity or expression genetic information marital status medical condition national origin physical or mental disability political affiliation protected veteran status race religion sex (including pregnancy) sexual orientation or any other characteristic protected by local/national laws policies and/or regulations.
Flexera understands the value that results from employing a diverse equitable and inclusive workforce. We recognize that equity necessitates acknowledging past exclusion and that inclusion requires intentional effort. Our DEI(Diversity Equity and Inclusion)council is the driving force behind our commitment to championing policies and practices that foster a welcoming environment for all.
We encourage candidates requiring accommodations to please let us know by emailing.
Required Experience:
IC
Employment Type
Full-Time
