Senior Security Governance, Risk, Compliance (GRC) Analyst

icon building Company : Amiseq Inc.
icon briefcase Job Type : Full Time

Number of Applicants

 : 

000+

Click to reveal the number of candidates who applied for this job.
icon loader
icon loader

This job is no longer accepting applications.

Scroll down below to view similar jobs .

Job Description - Senior Security Governance, Risk, Compliance (GRC) Analyst

Senior Security Governance, Risk, Compliance (GRC) Analyst
San Jose, CA - Hybrid role
6 Months Contract
Reporting to the Director Information Security, Governance, Risk, and Compliance, the
Senior GRC Analyst will contribute to the development and operational execution of the
program, including risk management and compliance with standards and regulations such
as ISO27001 and EU GDPR.
Responsibilities
Support the GRC operating model and the service-oriented customer engagement model.
Provide Cybersecurity Risk Management leadership and operational delivery of the program.
Support GRC capabilities, such as compliance and audit management, policy management, security awareness training, third party risk management, and metrics and reporting.
Assist to manage security compliance programs and activities that support various compliance regulations.
Perform risk assessments to address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
Collaborate with various operational and business teams to complete assessments, develop treatment plans, and drive remediation items to closure.
Maintain accurate reporting of remediation activities to bring appropriate visibility to stakeholders and leadership.
Monitor the security risk profiles and events of our suppliers to objectively determine high risk suppliers that require additional review and treatment plans.
Establish and maintain security metrics and reporting.
Respond to customer security/compliance questionnaires.
Act as security risk management "ambassador to internal customers.
Accountable for
The use of defined risk methodologies and best practices to perform IT/Security
assessments. Responsible for the planning, scoping, tracking, and execution of these assessments.
Driving remediation activities from identification, treatment plan, remediation, and closure. Hold owners accountable to delivery of remediation solution within the agreed upon/reasonable SLA.
Operations and improvements of security audit and compliance programs to support various compliance regulations.
Operationalization of a metrics and reporting function to continually report on meaningful security, risk and compliance metrics for operational and executive management. Support the automation of KRIs and KPI reporting that align with operational/business risk areas and corporate risk.
Qualifications
Candidate must have at least 7 years working in governance, risk and compliance
and/or information security and risk management, and at least 5 in risk management.
Functional knowledge of the CISSP security domains and information security
industry standard and best practices.
Functional knowledge of applicable security regulatory and compliance requirements (SOX, GDPR). Functional knowledge of ISMS governance models and analysis of certification reports (i.e. ISO 27001, SOC, CAIQ), information
security roles, security controls.
Ability to communicate risk methodologies and concepts to business units and IT teams.
Demonstrated experience with controls definition, development, implementation and assessment.
Strong interpersonal skills and ability to work effectively with diverse and globally distributed teams.
Strong attention to detail, project management and organizational skills.
Self-starter with the ability to effectively manage independent workloads asynchronously with stakeholders across multiple time zones.
Ability to independently lead program areas and cross-functional teams to deliver high quality results according to well-defined planning.
Define and communicate program and activity plans and roadmaps, and effectively collaborate with all business and IT groups to achieve goals.
Original job Senior Security Governance, Risk, Compliance (GRC) Analyst posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.

This job is no longer accepting applications.

Scroll down below to view similar jobs .

icon no cv required No CV Required icon fast interview Fast Interview via Chat

Share this job with your friends

icon get direction How to get there?

icon geo-alt San Jose, California

icon get direction How to get there?
View similar Others jobs below

Similar Jobs in the US

GrabJobs is the no1 job portal in the US, connecting you to thousands of jobs fast! Find the best jobs in the US, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2024 Grabjobs Pte.Ltd. All Rights Reserved.