Sr. Security GRC Analyst (Charlotte, NC; Raleigh, NC; NY, New York; San Francisco, CA)
- Policy, standards, and procedure drafting and reviewing of certification and accreditation documents.
- Documentation review; drafting of policy, procedures and standards, certification and accreditation documents.
- Familiar with DFARS/NIST 800-171, 800-53, NIST, GDPR, ITAR and other federal regulations.
- Perform risk assessments and advise on risk remediation efforts.
- Monitor and document Cyber risk remediation and improvement of controls.
- Collaborate with Vulnerability Management, Insider Threat and Incident Response teams to develop strategies on risk reduction/mitigation.
- Articulate Cyber risk and speak on efforts with stakeholders and non-technical professionals.
- Serve as a Subject Matter Expert to third parties and business units to provide/create recommendations on best practices, policies and procedures.
- Third Party Risk Management.
- Project management.
- Maintain confidentiality.
- Bachelor's degree in accounting, finance, business, computer science, information systems, etc.
- 4 years of GRC experience and 7+ years of total experience in security or systems analysis.
- Industry knowledge of SOX, Data Privacy, ISO 27001, NIST 800, and FedRAMP.
- Excellent written and verbal communication skills.
- Strong problem-solving/analytical skills.
- Ability to work in a fast-paced environment
- Ability to work independently
- Ability to prioritize and multi-task
- Ability to work in a team environment