A strong GRC analyst with 3+ years of experience. This analyst needs experience with creating and updating company policies, procedures, and standards. The analyst needs experience working with frameworks such as NIST, PCI DSS, HIPAA, etc. The client is looking for someone with certifications such as CISM, CISSP, CISA, etc.
- Works with business teams across the global organization to execute the Information Security, Governance, Risk & Compliance strategy, extending processes as necessary to help business partners identify information security risks and manage risks to an acceptable level
- Collaboratively works to influence and socialize Information Security controls, standards, policies, procedures, and communications.
- Advises process owners globally on Information Security controls needed for the mitigation of risks in accordance with the Information Security Process, Risk & Controls framework, and in compliance with regulatory requirements and industry standards
- Tracks compliance with regulatory and industry standards, including NIST Cybersecurity Framework (CSF), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), and Sarbanes-Oxley (SOx) ITGCs.
3+ years of experience in Information Security Governance, Risk and Compliance
Effective analytical, negotiation, facilitation, interpersonal, and stakeholder management skills
Strong verbal and written communication
Strong attention to detail
Experience creating and updating company policies, procedures and standards.
Experience working with NIST CSF (or similar) security framework, PCI DSS and HIPAA standards in an operational IT environment required
For more information, go to: http://go.tagvault.org/4sVa81