IT Governance, Risk and Compliance Analyst

Cluj-Napoca - Romania

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Description

The IT Governance Risk and Compliance (GRC) Analyst is a terrific opportunity to manage and maintain compliance with the European Union Network Information Security Directive (NIS2) framework throughout our organization. This position will support the information cybersecurity management team and will work closely with internal & external stakeholders to assess implement coordinate and monitor information security activities to ensure NIS2 compliance. The role will involve conducting security assessments analyzing gaps in compliance and recommending remediation plans to mitigate risks. Additionally this position will serve as Emersons subject matter expert for NIS2 related matters as well as assist in ISO 27001 Trusted Information Security Assessment Exchange (TISAX) and other cybersecurity framework initiatives.

In This Role Your Responsibilities Will Be:

Support Network Information Security Directive (NIS2) assessments for our organization evaluating their information security controls and practices
Document controls collect evidence and oversee compliance with NIS2
Assist in identifying gaps in compliance with NIS2 requirements and support the development of remediation plans to close gaps
Collaborate with stakeholders across Emerson to implement and maintain security measures aligned with NIS2 standards
Monitor and track progress towards NIS2 compliance goals ensuring timely completion of remediation plans
Report and communicate NIS2 program and compliance initiatives to senior leadership
Support Emerson businesses with external audits to achieve NIS2 compliance
Provide training sessions and workshops on NIS2 requirements and best practices to internal & supply chain stakeholders to ensure NIS2 awareness as appropriate
Stay up to date on any changes within the NIS2 framework and ensure ongoing alignment with evolving standards
Preparation of audits:
- Create and maintain audit schedule
- Identifying and communicate regularly to stakeholders
- Support/coordinate evidence collection
- Preparing the contact persons and audit participants for the audit
Follow-up:
- Managing and reviewing the audit reports and results
- Report on remediation progress
Build control assurance / compliance initiatives to improve the overall cybersecurity posture of the organization
Lead and support various information security framework control gap assessments implementation of framework management systems gap remediation ongoing management and continual improvement initiatives in addition to NIS2 as needed

Who You Are:

You are highly organized and detail-oriented with a strong sense of accountability and a proactive mindset. You thrive in complex environments and are energized by solving problems that require analytical thinking and collaboration. You communicate effectively with both technical and non-technical stakeholders and are comfortable navigating ambiguity while driving results.

For This Role You Will Need:

Bachelors Degree in IT Information Systems Computer Science or related discipline
Experience in these areas:
- Information Security
- Compliance
- Risk Management
1-2 years of experience in ISO 27001 & ISO 27002 TISAX NIS2 or related information security frameworks
Strong understanding of Information Security principles standards and frameworks
Strong experience conducting security assessments and audits
Effective communication and interpersonal skills to properly collaborate effectively with internal teams and external stakeholders.
Project management skills to manage program expectations building work programs/schedules.
Willingness to travel (20%)
Fluent in English

Preferred Qualifications That Set You Apart:

Audit experience
Fluency/proficiency in other European languages

Our Culture & Commitment to You:

At Emerson we prioritize a workplace where every employee is valued respected and empowered to grow. We foster an environment that encourages innovation collaboration and diverse perspectivesbecause we know that great ideas come from great teams. Our commitment to ongoing career development and growing an inclusive culture ensures you have the support to thrive. Whether through mentorship training or leadership opportunities we invest in your success so you can make a lasting impact. We believe diverse teams working together are key to driving growth and delivering business results.

Required Experience:

DescriptionThe IT Governance Risk and Compliance (GRC) Analyst is a terrific opportunity to manage and maintain compliance with the European Union Network Information Security Directive (NIS2) framework throughout our organization. This position will support the information cybersecurity management ...

Description

In This Role Your Responsibilities Will Be:

Support Network Information Security Directive (NIS2) assessments for our organization evaluating their information security controls and practices
Document controls collect evidence and oversee compliance with NIS2
Assist in identifying gaps in compliance with NIS2 requirements and support the development of remediation plans to close gaps
Collaborate with stakeholders across Emerson to implement and maintain security measures aligned with NIS2 standards
Monitor and track progress towards NIS2 compliance goals ensuring timely completion of remediation plans
Report and communicate NIS2 program and compliance initiatives to senior leadership
Support Emerson businesses with external audits to achieve NIS2 compliance
Provide training sessions and workshops on NIS2 requirements and best practices to internal & supply chain stakeholders to ensure NIS2 awareness as appropriate
Stay up to date on any changes within the NIS2 framework and ensure ongoing alignment with evolving standards
Preparation of audits:
- Create and maintain audit schedule
- Identifying and communicate regularly to stakeholders
- Support/coordinate evidence collection
- Preparing the contact persons and audit participants for the audit
Follow-up:
- Managing and reviewing the audit reports and results
- Report on remediation progress
Build control assurance / compliance initiatives to improve the overall cybersecurity posture of the organization
Lead and support various information security framework control gap assessments implementation of framework management systems gap remediation ongoing management and continual improvement initiatives in addition to NIS2 as needed

Who You Are:

For This Role You Will Need:

Bachelors Degree in IT Information Systems Computer Science or related discipline
Experience in these areas:
- Information Security
- Compliance
- Risk Management
1-2 years of experience in ISO 27001 & ISO 27002 TISAX NIS2 or related information security frameworks
Strong understanding of Information Security principles standards and frameworks
Strong experience conducting security assessments and audits
Effective communication and interpersonal skills to properly collaborate effectively with internal teams and external stakeholders.
Project management skills to manage program expectations building work programs/schedules.
Willingness to travel (20%)
Fluent in English

Preferred Qualifications That Set You Apart:

Audit experience
Fluency/proficiency in other European languages

Our Culture & Commitment to You:

Required Experience:

Key Skills

ISO 27001
Microsoft Access
Risk Management
Financial Services
PCI
Risk Analysis
Analysis Skills
COBIT
NIST Standards
SOX
Information Security
Data Analysis Skills

Apply Now

About Company

Emerson

Emerson has refocused its business portfolio to deliver solutions that bring greater value to our customers. About Emerson We concentrate on the most complex, profound challenges facing the world in the process, industrial, commercial and residential markets. Our global talent, best-i ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click