SR GRC ANALYST||Hybrid||12-Months||Skype at Remote, Remote, USA |
Email: [email protected] |
From: Shiva Chauhan, Tek Inspirations LLC [email protected]
Reply to: [email protected]

Hello,

Hope you are doing well. Please check the job description below and let me know if you have any suitable candidates for it:

SR GRC ANALYST || Hybrid || 12-Months || Skype

Need DL at the time of submission.
MUST BE IN THE STATE OF FLORIDA AND CAN WORK ONSITE 3 DAYS A WEEK IN DEERFIELD BEACH, FL (BOCA RATON)
Must have good English.

Job Description:

The Governance and Compliance Sr. Analyst will report to the Governance, Risk and Compliance Manager and support the Information Security department to provide the highest quality assurance program to our customers. The Governance and Compliance Sr. Analyst will perform a critical role in providing IT governance and compliance as a service, including assessments, compliance program management and assurance, and control framework maturity evaluations. The Governance and Compliance Sr. Analyst will manage, measure, operationalize and communicate a myriad of compliance initiatives across the enterprise, including but not limited to SOC 1 Type 2, MAR, NY DFS 500, CCPA, HIPAA. Collaboration with business areas within the company will be a key success criterion for this individual.

Must have solid GRC ANALYST

Desired Skills:

- Project management skills for managing multiple complex activities
- Knowledge of controls frameworks and applicable regulatory compliance mandates (e.g., NIST, CIS CSC, COBIT, CCPA, HIPAA, GLBA, SOC 1 Type 2, MAR)
- Conduct research in keeping abreast of latest security issues, Third Party Vendors, and applications as needed

Responsibilities:

- Execute program tasks related to the evaluation of security control framework maturity, such as stakeholder interviews, documentation reviews, and maturity quantification.
- Ensure compliance with regulatory requirements (e.g., SOC 1 Type 2, MAR, NY DFS 500, CCPA) and internal controls with proactive validation of controls.
- Review regulatory and compliance matters related to information technology, as the shared-service provider for all business units, and perform necessary gap analysis
- Implement and maintain an information technology, including security and privacy, controls framework
- Development and maintenance of IT policies, standards and procedures
- Act as an advocate for information security practices
- Engage control owners (of varying information security acumen and expertise) and key stakeholders across the enterprise to collect and test evidence and assess compliance to various requirements (external regulatory and contractual, as well as internal controls)
- Maintain and foster relationships and trust with key partners throughout the company
- Maintain compliance and risk management initiatives in a GRC platform
- Facilitate IT audits and assessments, including remediation of any findings noted
- Understand contractual elements with third parties and intelligently speak on the security requirements of a contract from an information security point of view
- Maintain reliable, up-to-date information from the government and across the industry regarding identification of new security standards and governance
- Establish governance around disaster recovery function and collaborate with key business and IT leaders to develop security and disaster recovery standards and action plans
- As directed, conduct periodic internal assessments for security risk and compliance
- Perform other essential duties as assigned

Qualifications/Requirements:

- Working knowledge of governance and compliance, including policy, process, governance, controls frameworks, and regulatory environments
- Knowledge to evaluate, build and optimize security program elements as assigned (e.g., logical access control, application security, vendor risk management, network security, privacy)
- Experience in working with auditors
- Strong organizational skills with ability to thrive in a sense-of-urgency environment, leveraging best practices, and approaching any problem as a team-player with a can-do attitude
- Strong written and verbal communication skills and ability to interface with all levels of business and executive leadership
- Excellent analytical, problem solving, and decision-making skills, applied with a solution-focused attitude
- Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism

License / Certificate (any of the following a plus): CISSP, CISA, CISM, CIPP, GIAC

Thanks & Regards
Shiva Chauhan
IT Recruiter
TEK Inspirations LLC: 13573 Tabasco Cat Trail, Frisco, TX 75035
Email: [email protected]
Email is the best way to reach me.

Keywords: information technology Florida New York Texas
Fri Aug 04 20:59:00 UTC 2023 |