Security Analyst I (GRC)

Duluth, GA 30096 | Contract

Post Date: 03/27/2018 Job ID: 49179 Industry: Security Engineer

Security Analyst I (GRC)

SUMMARY

This role supports our Client’ s IT Governance Risk & Compliance (GRC) program which includes risk management, compliance management, assessments, and security awareness. This position is specifically responsible for assisting in the development or revision of appropriate information security policies, standards, procedures, checklists, and guidelines using generally-recognized security concepts tailored to meet the requirements of the organization. Under general direction, ensures our IT Security Control Framework is in compliance with SOX and industry standard operating procedures. Collaborates with internal teams, IT management, Internal Audit and other stakeholders to ensure the IT compliance program and associated deliverables are met.

RESPONSIBILITIES:
  • Serve as resource in managing risks & controls
  • Creating or modifying documentation and workflows
  • Contributes in the maintenance of the security exception and findings management processes
  • Contributes in the maintenance of security program metrics and reporting
  • Assists with process management simplification
  • Other duties as assigned

QUALIFICATIONS:
  • Bachelor’ s degree. (e.g., Information Security, Information Protection, Computer Information Systems, Computer Science, Computer Engineering, Information Systems Management) or equivalent educational or professional experience and/or qualifications
  • Industry certification preferred (e.g., CISA, CISSP, CRISC, etc.)
  • 2+ years of experience with information technology security programs, audits, assessments, risk, or remediation management
  • Familiarity with privacy laws, data protection/security regulations, and frameworks, such as NIST, COBIT, and ISO27002
  • Solid understanding of SOX 404 Compliance
  • Working knowledge of GRC tool(s)
  • Working knowledge of classical compaliance techniques
  • Working knowledge of Support Desk/Incident Management systems
  • Knowledge of SIEM tools
  • Knowledge of Incident Response and Forensics
  • Experience with SharePoint a plus
  • Experience with ServiceNow a plus
Apply Online

Not ready to apply?

Send an email reminder to:

Share This Job:

Related Jobs: