| SR GRC ANALYST at Jacksonville, Florida, USA |
| Email: [email protected] |
| From: Cauvery Priyadarshini, Vyze Inc. [email protected] Reply to: [email protected] Hi, This is Cauvery from Vyze Inc. Please find the below position , if youre comfortable with the JD kindly revert me back or you can call at my direct number 571-498-9973. Job Description - Job Title: SR GRC ANALYST Location: Jacksonville, FL (Onsite) (LOCAL TO FL) Duration: 12+ Months Visa: USC/GC Must have solid GRC ANALYST and Desired skill in JD LinkedIn is must, Genuine candidate who can pick up the call Job Description: The Governance and Compliance Sr. Analyst will report to the Governance, Risk and Compliance Manager and support the Information Security department to provide the highest quality assurance program to our customers. The Governance and Compliance Sr. Analyst will perform a critical role in providing IT governance and compliance as a service, including assessments, compliance program management and assurance, and control framework maturity evaluations. The Governance and Compliance Sr. Analyst will manage, measure, operationalize and communicate a myriad of compliance initiatives across the enterprise, including but not limited to SOC 1 Type 2, MAR, NY DFS 500, CCPA, HIPAA. Collaboration with business areas within company will be a key success criterion for this individual. Responsibilities: Execute program tasks related to the evaluation of security control framework maturity, such as stakeholder interviews, documentation reviews, and maturity quantification. Ensure the compliance with regulatory requirements (e.g., SOC 1 Type 2, MAR, NY DFS 500, CCPA) and internal controls with proactive validation of controls. Review regulatory and compliance matters related to information technology, as the shared-service provider for all business units and perform necessary gap analysis Implement and maintain an information technology, including security and privacy, controls framework Development and maintenance of IT policies, standard and procedures Act as an advocate for information security practices Engage control owners (of varying information security acumen and expertise) and key stakeholders across the enterprise to collect and test evidence and assess compliance to various requirements (external regulatory and contractual, as well as internal controls) Maintain and foster relationships and trust with key partners throughout the company Maintain compliance and risk management initiatives in a GRC platform Facilitate IT audits and assessments, including remediation of any findings noted Understand contractual elements with third parties and intelligently speak on the security requirements of a contract from an information security point of view Maintain reliable, up-to-date, information from the government and across the industry regarding identification of new security standards and governance Establish governance around disaster recovery function and collaborate with key business and IT leaders to develop security and disaster recovery standards and action plans As directed, conduct periodic internal assessments for security risk and compliance Perform other essential duties as assigned Desired Skills: Project management skills for managing multiple complex activities Knowledge of controls frameworks and applicable regulatory compliance mandates (e.g., NIST, CIS CSC, COBIT, CCPA, HIPAA, GLBA, SOC 1 Type 2, MAR) Conduct research in keeping abreast of latest security issues, Third Party Vendors, and applications as needed Qualifications/Requirements: Working knowledge of governance and compliance, including policy, process, governance, controls frameworks, and regulatory environments Knowledge to evaluate, build and optimize security program elements as assigned (e.g., logical access control, application security, vendor risk management, network security, privacy) Experience in working with auditors Strong organizational skills with ability to thrive in a sense-of-urgency environment, leveraging best practices, and approaching any problem as a team-player with a can-do attitude Strong written and verbal communication skills and ability to interface with all levels of business and executive leadership Excellent analytical, problem solving, and decision-making skills, applied with a solution-focused attitude Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism License / Certificate (any of the following a plus): CISSP, CISA, CISM, CIPP, GIAC Thanks and Regards. Cauvery Priyadarshini US IT Recruiter Vyze INC (An E- VerifiedCompany) Email: [email protected] 25179 Methley Plum Place, Aldie, VA 20105 www.vyzeinc.com Disclaimer: This communication, along with any documents, files or attachments, is intended only for the use of the addressee and may contain confidential information. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of any information contained in or attached to this communication is strictly prohibited, To remove your email address permanently from future mailings, please send REMOVE to [email protected] . Keywords: information technology green card Florida New York Virginia |
| [email protected] View all |
| Sat Oct 14 03:27:00 UTC 2023 |