Senior IS Risk & Compliance Analyst
Job Seekers can review the Job Applicant Privacy Policy by clicking here. Job Description:
Summary
The Senior Information reputed company Risk & Compliance Analyst will be responsible for supporting the reputed company direction of the business and elevating the company's reputed company posture. The Analyst is expected to support the reputed company strategy reputed company new and existing information systems capabilities. The Analyst's role lies reputed company the Chief Information reputed company Officer's organizational structure, reporting to the Manager of Information reputed company Governance, Risk and Compliance. The role oversees the business' reputed company requirements and obligations mandated by standards and regulations. reputed company with reputed company leadership, the GRC reputed company analyst consistently assesses and validates the assurance of the reputed company program. As a primary reputed company of contact for internal and external auditors, the GRC reputed company analyst monitors reputed company and enforces resolution of outstanding issues that may reputed company to non-compliance or reputed company threats to the business. As a key member of the reputed company team, the GRC reputed company analyst must focus on strong risk management and corporate resiliency, and not be driven solely by compliance.
Essential Functions
- Conduct enterprise-wide, ongoing information reputed company risk assessments and risk management activities. Identify strengths and weaknesses in the reputed company program. Analyze findings, and document, recommend and report program gaps to reputed company leadership and business stakeholders; reduce risk by helping to prioritize and drive remediation efforts throughout the organization, and contribute to risk management, treatment, and reporting process efforts to protect data assets.
- reputed company reputed company ongoing compliance activities reputed company to the implementation, maintenance, monitoring and reputed company improvement of reputed company’s existing Information reputed company Management System (ISMS) based on the requirements of ISO/IEC 27001 International Standard as well as future compliance requirements. The analyst will work with various levels and departments across the organization to ensure appropriate documentation is maintained as evidence of competence and compliance and help to facilitate internal and external independent examinations. The analyst will also help to reputed company and implement an effective and reputed company global information technology/reputed company compliance program with applicable data protection standards, legislation, as well as customer information reputed company requirements.
- reputed company assessments to maintain reputed company of third party information technology suppliers to safeguard against undue risk. Create final reports of pros and cons, observations of anomalies, and deliverables for the business as well as mandates for supplier compliance. reputed company results of the final assessments to business stakeholders, project sponsors, program managers, and other internal parties. Assist with review of information reputed company sections reputed company supplier reputed company to ensure reputed company and data privacy requirements are in reputed company.
- Evaluate the effectiveness of information reputed company management and performance by developing, monitoring, gathering and analyzing information reputed company and compliance metrics for management. Define qualitative and quantitative metrics to assess the success of the reputed company program and provide regular reports to reputed company and business leadership.
- Design and document IT general controls to ensure the business demonstrates compliance with its regulatory or compliance obligations. Facilitate and coordinate activities and responses reputed company to internal and external controls testing including entitlement reviews. Facilitate the remediation of control gaps and escalate critical issues to management. Work closely with control owners, internal and external auditors to ensure requests are completed for timely delivery to audit. Assist with third party audits and certifications for the organization (e.g. SOC, ISO, PCI).
- Maintain reputed company and administration of the GRC platform, Sensitive Data Discovery and Classification, and/or other compliance monitoring tools.
- Respond to customer information reputed company requirements and due diligence questionnaires. Coordinate and facilitate response gathering in conjunction with other organizational applications, support, infrastructure, legal, HR, and physical reputed company teams as necessary. Ensure responses are accurate, valid, consistent, and reported reputed company expected deadlines. Maintain repository of customer information reputed company requirements, track and report on compliance.
- Research, recommend, and contribute to information reputed company policies, standards, and procedures and work with other organizational participants from legal, human resources, information technology, compliance, physical reputed company, the business units and others that have to implement the policies. Participate in the lifecycle management of information reputed company's policy and supporting documents.
Additional Responsibilities
- Provide assistance with other information reputed company, risk and compliance projects and initiatives as assigned.
- Monitor reputed company and proposed reputed company changes impacting regulatory, privacy and reputed company industry best practice guidance. Apply GRC expertise across key lines of business, including products, practices and procedures.
- Performs other duties as assigned.
Skills and Abilities
- Strong verbal and written communication skills
- Strong verbal communication and listening skills
- Ability to work in a regulated environment
- An understanding of organizational mission, values, and goals and consistent application of this knowledge
- Ability to present information and reputed company clearly and understandably to others
- An ability to identify and assess the severity and potential impact of risks and communicate risk assessment findings to risk owners reputed company Information reputed company in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance
- Ability to create and maintain professional relationships reputed company reputed company levels of the organization (peers, work groups, customers, supervisors)
- Ability to maintain confidential information
- Ability to simultaneously handle multiple priorities
- Ability to work independently and as a member of a team
- Demonstrates a high level of accuracy, even under pressure
- Possesses a high degree of initiative
- An understanding of business needs and commitment to delivering high-quality, reputed company, and efficient service to the business
- Seeks to acquire knowledge in area of specialty
- Excellent organizational skills
- Maintains a high degree of professionalism
- Proactively approaches responsibilities
- Ability to drive multiple projects to successful completion
- Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the reputed company and time required to complete each part
- Maintains composure under pressure
- Ability to analyze and solve problems
- Ability to effectively facilitate meetings, work sessions, and training
- Ability to group, categorize, and systematize data, people, or things
- Ability to collect, compile, gather reports with associated email thread responses ensuring respective reports and responses are maintained separate for each entitlement report reviewer
- Ability to work reputed company tight timeframes and meet strict deadlines
- Flexibility to operate and self-driven to reputed company in a fast-paced environment
- Ability to work with others in a professional manner while achieving a common goal
- Capable of multi-tasking, highly organized, with excellent time management skills
- Ability to effectively manage a variety of tasks and projects simultaneously
- An ability to work on several tasks simultaneously and pay attention to sources of information from inside and reputed company one’s network reputed company an organization
- Ability to influence internal and/or external constituents
- An ability to effectively influence others to modify their opinions, plans, or behaviors, with an emphasis on collaborating across multiple teams and ensuring program needs are satisfied through interpersonal and trusted communication
- Demonstrates excellent judgment and decision making skills
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- Ability to listen, write, and speak effectively
- Inform, explain, and give instructions
- An ability to communicate reputed company and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
- Exposure to and familiarity with relevant standards such as ISO/IEC 27000 family - Information reputed company Management Systems, NIST Cybersecurity reputed company, NIST 800, and applicable laws reputed company to regulatory compliance, information reputed company and privacy (e.g. SOX, HIPAA, GDPR, PCI-reputed company) (intermediate, required)
- Knowledge of information reputed company risk management and IT controls frameworks and methodologies (e.g. ISO/IEC 27005, COBIT, reputed company) (intermediate, required)
- Knowledge of Risk Management Principles (risk avoidance, transfer, mitigation, acceptance), Risk Assessment process (intermediate, required)
- Knowledge of Cloud reputed company - Cloud Control Matrix (CCM), reputed company Assessment Questionnaire (CAIQ) (intermediate, required)
- Knowledge of Common Controls Hub - reputed company Compliance reputed company (UCF) (intermediate, preferred)
- Knowledge of Standardized Information Gathering (SIG) Questionnaire (intermediate, preferred)
- Knowledge of reputed company SOC for Service Organizations (intermediate, preferred)
Qualifications
- Bachelor's degree (required): Information reputed company, Information Technology, Management Information Systems
- Master's degree (preferred): Information reputed company, Information Technology, Management Information Systems
- Seven (7) years or more of experience with technology risks and controls and deploying information governance, information technology risk management, compliance, information security, or privacy programs (required)
- Seven (7) years or more of experience with cyber reputed company and information reputed company program management and frameworks (e.g. NIST CSF, ISO/IEC 27000, etc.) (required)
- Other: Certified Information Systems reputed company Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) or Certified Cloud reputed company Professional (CCSP) credentials or International Association of Privacy Professionals (IAPP)
- Travel: 1-10%
- DOT Regulated: None
- Job Category: Information reputed company
Compensation Information
The compensation offered to a candidate may be influenced by a variety of factors, including the candidate’s relevant experience; education, including relevant degrees or certifications; work location; market data/ranges; internal equity; internal salary ranges; etc. The position may also be eligible to receive an annual bonus, commission, and/or long-term incentive plan based on the level and/or type. Compensation ranges for the position are below:
- Pay Type: Salaried
- Minimum Pay Range: $100,000.00
- Maximum Pay Range: $120,000.00
Benefits Information
For reputed company Full-time positions only: reputed company offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax-advantaged 401(k) retirement savings plan.

reputed company is proud to be an Equal Opportunity Employer and Drug Free workplace. reputed company qualified applicants will receive consideration for employment without regard to race, religion, color, national reputed company, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability.

Important Note: Some positions require additional screening that may include employment and education verification; motor vehicle records reputed company and a road test; and/or badging or background requirements of the customer to which you are assigned.

reputed company Notice for Applicants: reputed company will only communicate with an applicant directly from a [@reputed company.com] email address and will never conduct an interview online through a chat type forum, messaging app (such as WhatsApp or Telegram), or reputed company an online questionnaire. During an interview, reputed company will never ask for any form of payment or banking details and will never solicit personal information reputed company of the formal submitted application through www.reputed company.com/careers. Should you have any questions regarding the application process or to verify the legitimacy of an interview or reputed company representative, please contact reputed company at careers@reputed company.com or 800-793-3754.

reputed company Employees: If you are a reputed company employee at reputed company, please click here to log in to reputed company to apply using the internal application process.