Senior Analyst, GRC (Cybersecurity)
Job description
TL;DR
Senior Analyst, GRC (Cybersecurity): Managing governance, risk, and compliance frameworks to ensure contractual and regulatory adherence, with an emphasis on cyber risk and third-party risk management. Focus on assessing control design, auditing security policies, and driving efficiency through automation and GenAI.
Location: Hybrid work in Overland Park, KS or Cary, NC (USA)
Company
A global employee-owned leader in sustainable infrastructure engineering, procurement, consulting, and construction.
What you will do
- Review client contract provisions related to data security, breach reporting, and cyber resilience.
- Support independent certifications and audits by collecting evidence of security policies and operations.
- Monitor the global regulatory and legal landscape to maintain awareness of compliance requirements.
- Establish and improve cyber risk metrics (KPIs, KRIs) in collaboration with D&IT groups.
- Perform third-party risk assessments and communicate vendor risks to business owners.
- Develop user training aligned with the cyber threat landscape and assist in risk treatment plans.
Requirements
- Bachelor's degree in Information Systems, Computer Science, or related field (or equivalent experience).
- 2-3 years of experience in a GRC role (7-10 years preferred).
- Must be based in or able to work from the US (Hybrid).
- Proficiency in risk assessment methodologies and frameworks such as NIST CSF, ISO 27001, and AICPA SOC.
- Knowledge of cyber and privacy laws, including FAR, DFARS, and CMMC.
- Visa sponsorship is not available.
Nice to have
- Professional certifications such as CRISC, CISSP, or others.
- Experience with the ServiceNow Risk Management platform.
- Interest in using GenAI to create task and functional efficiencies.
Culture & Benefits
- 100% ESOP-owned company providing stock ownership and financial rewards of success.
- Comprehensive healthcare benefits (medical, dental, vision) starting on day one.
- Company-matched 401k plan.
- Flexible work schedules, paid vacation, holiday time, and sick leave.
- Support for growth via tuition reimbursement and adoption reimbursement.