| Immediate job opening for Senior Security Analyst in Remote at Remote, Remote, USA |
| Email: [email protected] |
| From: Khursheed, RHG [email protected] Reply to: [email protected] Hi Professional, Hope you're doing great! Senior Security Analyst The Senior Security Analyst will manage, measure, operationalize and communicate a myriad of compliance initiatives across the organization, including but not limited to HITRUST Certification, SOC2/Type II Certification, PCI, CCPA, GDPR, PIPEDA, HIPAA and others as relevant and applicable. The Senior Information Security Compliance Analyst will execute projects related to information security compliance, risk management, third party risk, privacy support, policy evolution, and security awareness support. The analyst will contribute to the overall advancement of organizations. Information Security Governance Risk and Compliance (GRC) capability. Excellent understanding of information security and risk frameworks/standards (ISO 27001/2, NIST 800 series, PCI-DSS, SOC 2, HITRUST etc.) Candidate will have an advanced level of experience enabling them to understand. security compliance fundamentals, how to properly. test controls/gather evidence and demonstrate confident execution of industry frameworks such as ISO 27002, SOC 2, and HITRUST for information security and privacy. This individual contributor will be tasked with executing compliance. assessments, evidence gathering, controls testing, crafting risk memos, and engaging the company GRC Platform. The senior analyst will be responsible for communicating risks and context effectively across all audience types including line-level employees, technologists, and executive leaders. Coordinating with key stakeholders across the organization to collect and test evidence and assess compliance to various compliance requirements (e.g. HITRUST, SOC2/Type II). Advise and assist clients in developing their assessment methodology, such as risk tiering methodology, risk assessment process flows, risk assessment questionnaires, and reports. Understanding of network security, cloud security, encryption, logging and monitoring, authentication, authorization, IAM,DLP etc. Excellent interpersonal, communication and presenting skills; able to concisely. communicate security risks to both technical and business audiences. CISA/CISM/CISSP/CEH certification will be added advantage. Best Regards, Khursheed Keywords: |
| [email protected] View all |
| Sat Aug 05 00:16:00 UTC 2023 |