| Security Analyst of Governance Risk at Boca Raton, Florida, USA |
| Email: [email protected] |
| Hi, Hope you are doing great! Please check the below requirement and send me your updated Resume Security Analyst of Governance Risk Location: Boca Raton, Fl (On Site Role) Duration: 8+ Months MOI: Skype CISA and CISSP certifications (preferred). Job Summary: This individual will interface with the Security Operations, IT Operations, and various business units to: Perform PCI, ISO, COBIT, and applicable State of Florida cybersecurity controls-related reviews to ensure that current, new, and technology infrastructure complies with these standards and Departments security policies. Plan and perform IT security controls effectiveness quarterly reviews. Manage remediation efforts for the identified gaps including assessment of new or enhanced implemented controls. Maintain IT security risk and compliance matrix and performs management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies Maintain Third Party Risk Management Program (TPRM) and analyze SOC-2 and other reporting including mapping to key IT security and compliance controls such as NIST, PCI, and COBIT. Manage IT security vulnerabilities management program aligned with PCI and NIST standards. Identifying and ranking the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and assets are the most important. For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs. Identifying cost-effective actions to mitigate and reduce risk. These actions can include implementing new organizational policies and procedures as well as the design of technical or physical controls. Coordinating, tracking, and verifying remediation of audit findings. Documenting the results and developing a plan of action and milestones for mitigating any identified risk. Produce formal audit reports based on ISACA Audit Standards. Promotes compliance with regulatory requirements (e.g. PCI DSS) and IT best practices. GRC RiskAnalyst Skills & Requirements: IT Audit experience (CISA certified preferred) IT Risk Management lifecycle experience Hands-on technical experience (e.g. developer, system administrator) Experience working with NIST 800-30 Risk Assessment Standard Extensive experience with IT General Controls evaluation and design Advanced skill level in business process mapping and documentation as well as policy and procedure development Recent experience in Information Security with up-to-date knowledge of the current threat landscape. Solid understanding of PCI DSS standards Education and Certifications: Bachelors Degree in Computer Science, Information Systems, Business Administration, or other related field and/or equivalent work experience. CISA and CISSP certifications (preferred). Piyush Varshney Sr Technical Recruiter |Vyze Inc. Phone : +1 703 982 7189 E : [email protected] Hangout : Piyush.vyze36 linkedin.com/in/piyush-v- -0852a4218 Disclaimer : This communication, along with any documents, files or attachments, is intended only for the use of the addressee and may contain confidential information. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of any information contained in or attached to this communication is strictly prohibited, To remove your email address permanently from future mailings, please send REMOVE to [email protected] -- Keywords: information technology Florida |
| [email protected] View all |
| Tue Oct 03 23:00:00 UTC 2023 |