Security Governance, Risk, and Compliance (GRC) Analyst at Washington, DC, USA
Email: [email protected]
From: Javed, Innowox, [email protected]

Reply to: [email protected]

Job Title: IT/Security Governance, Risk, and Compliance (GRC) Analyst

Location: Washington, DC (Onsite)

*Note: Max rate is 48/hr on C2C; don't call for rate negotiation*

Key Responsibilities: 

Assess, evaluate, and make recommendations regarding the adequacy of the security/IT controls for the client's environment and business objectives, especially from a HIPAA compliance perspective

Develop policies, procedures, and processes based on audit findings and/or compliance framework requirements

Crosswalk controls across multiple security compliance frameworks and regulations to foster adoption and identify gaps

Advise and develop security standards, guidelines, and controls based on best practices and compliance frameworks

Translate security analyses, audit results, and compliance guidance into plain English that is understandable and actionable

Analyze and suggest improvements for security/IT controls in both design and operational effectiveness

Develop risk registers, ideally aligned to controls, and execute basic risk assessment and management practices

Perform assessments (risk and/or compliance) to develop a baseline for creating or expanding a security program

Develop plans and tracking for non-compliance with applicable controls, and monitor remediation progress against agreed-upon timelines

Develop and implement security measures to safeguard information against accidental or unauthorized damage, modification, or disclosure. This could involve installing firewalls, data encryption, and other security tools.

Continuously monitor security systems for irregular activity. This involves using advanced software tools to detect intrusions and unusual system behavior.

Respond to security breaches and other cyber incidents. This includes leading the investigation of security breaches, assisting in damage control, and recommending corrective actions.

Conduct regular training sessions for employees to raise awareness about cyber security, potential threats, and best practices.

Oversee corporate compliance with security policies

Keep up to date with the latest security technology and trends, as well as the evolving landscape of threats and cyber-attack techniques.

Collaborate with the IT department and liaise with external security agencies or consultants.

Required Qualifications: 

Bachelor's or Master's degree in Computer Science, Engineering, or a related field.

3-5 years' experience in a cybersecurity, audit, risk, compliance, or GRC role required, including at least a year in the healthcare domain

Working knowledge of common security and privacy frameworks and regulations (e.g. ISO, NIST, CIS, SOC 2, HIPAA, CCPA, PCI DSS)

Knowledge of various security technologies such as firewalls, anti-virus software, patch management, intrusion detection systems, and encryption technologies.

Strong analytical skills to assess security protocols, identify vulnerabilities, and suggest improvements.

Ability to solve complex security issues and provide practical solutions.

Excellent verbal and written communication skills to effectively report risks and make recommendations to stakeholders.

Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar are highly desirable.

Hands-on experience in key scripting languages necessary to perform tests

Able to operate with a high degree of independence executing with excellent follow-through for assigned tasks, but also knowing when to stop, ask questions, and seek input from the team or management

Knowledge of network infrastructure and database security

Understanding of Azure and other cloud service architectures

Excellent problem-solving abilities, with a strategic mindset and the capability to drive architectural decisions at the enterprise level. 

Strong leadership and communication skills, with the ability to articulate technical concepts to non-technical stakeholders and influence decision-making processes. 

Thanks & Regards

Javed Tamboli

Recruitment Lead

Innoworx consulting LLC

Mob : +1 858 358 0940

Email : [email protected]

Mon Apr 01 21:22:00 UTC 2024
