GreensboroRecruiter Since 2001
the smart solution for Greensboro jobs

Security Analyst, Governance, Risk & Compliance

Company: firstPRO Inc.
Location: Greensboro
Posted on: November 24, 2022

Job Description:

firstPRO is now accepting resumes for a Security Analyst with a focus on Governance, Risk & Compliance. This position is 100% remote, but may require travel to Greensboro, NC a couple of times per year (all expenses paid). This is a permanent-hire opportunity that comes with salary and benefits.

Update the risk register with an accurate rating of register entries based on acceptable risk levels and progress mitigating risks.
Lead and manage the third-party risk management function of the information security risk management program to ensure vendor security risks are identified and monitored.
Use established methods to assess risk both qualitatively (impact/probability) to establish a risk rating and quantitatively to show the impact in dollars of a realized risk (SLE/ALE), and to determine the cost of addressing risk such that residual risk is at an acceptable level.
Contribute to security architecture, monitoring and risk handling by evaluating and making recommendations to management regarding the adequacy of the security controls for TFM's information and technology systems.
Policy/Compliance
Lead the system-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations.
Develop and implement effective and reasonable information security and privacy policies aligned with adopted and approved frameworks. Present new and changed policies to the information security board for approval and once approved, communicate to the company.
Execute strategy for managing compliance with the following or similar frameworks: PCI DSS, NIST-CSF, NIST-RMF, etc.
Manage and continuously improve TFM's security awareness program. Plan, track progress and report on security awareness training compliance and provide thought leadership regarding the content of upcoming training for the company.
Communicate the value of security awareness on an ongoing basis. Provide input on the direction of security tests, report results and recommend appropriate remedial training for test failures.
Act as audit liaison between IT and auditors for any external audits. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective reflective of TFM's culture. Provide guidance, evaluation and advocacy on audit responses.
Conduct periodic self-assessments against stated policy and adopted frameworks to ensure compliance is being maintained at all times.

*QUALIFICATIONS*
At a minimum, what you'll need:
--- B.S. Degree. Cybersecurity or IT discipline preferred.
--- Minimum of 5 years of combined experience in information security, compliance, technology audit, or a related field.
--- Minimum of 5 years working on an information security risk management program or team in positions of increasing responsibility.
--- Minimum of 2 years' experience working with one or more of the following frameworks: PCI, NIST-CSF, NIST-RMF, ISO 27001.
--- Minimum of 1 year of experience using an IRM/GRC tool (e.g. Archer, Resolver, Ostendio, KCM) to administer and maintain an information security risk management program.
--- Minimum of one of the following security certifications: GRCP, CRISC, PMI-RMP, CISSP, CRMA, CASP+, Security+ or other relevant certification.
--- Experience working within a hybrid on-prem / cloud IT environment.
--- Strong written and verbal communication skills.
--- Experience working in a collaborative team environment.

Job Type: Full-time

Pay: $120,000.00 - $140,000.00 per year

Benefits:
* 401(k) matching
* Dental insurance
* Flexible schedule
* Health insurance
* Life insurance
* Paid time off
* Vision insurance
Compensation package:
* Yearly pay
Experience level:
* 5 years
Schedule:
* 8 hour shift
* Monday to Friday

Work Location: Remote
