Business Risk Analyst (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Business Risk Analyst (Cybersecurity): Supporting information security compliance, GRC workflows, and risk management initiatives with an accent on regulatory frameworks and audit readiness. Focus on performing risk assessments, managing third-party due diligence, and coordinating security control reviews across business units.
Location: Must be based in or near Alpharetta, GA or Scottsdale, AZ (Hybrid role).
Company
provides integrated technology solutions for education, healthcare, and business campuses.
What you will do
- Track compliance status and report progress via KPIs to management.
- Prepare risk reports and dashboards for senior leadership.
- Support risk assessments and security control reviews across IT environments.
- Coordinate evidence collection and control testing with third-party auditors.
- Evaluate third-party vendor workflows and perform due diligence.
- Maintain compliance-related policies, standards, and procedures.
Requirements
- 5+ years of experience in information security, risk management, or compliance.
- Working knowledge of SOC 2, PCI DSS, HIPAA, GovRAMP, or NIST CSF.
- Experience managing process workflows within TPRM due diligence cycles.
- Proven ability to track and analyze external audits and compliance evidence.
- Strong analytical, communication, and project management skills.
- Must be authorized to work in the US.
Nice to have
- Familiarity with AuditBoard, Optro, or similar GRC platforms.
Culture & Benefits
- Robust health, dental, and vision insurance plans starting on day one.
- Matched 401(k) retirement plan.
- Flexible time off including paid holidays and volunteer time.
- Employer-paid life insurance, disability insurance, and EAP.
- Flexible spending account (FSA) or health savings account (HSA).
- Employee stock purchase plan.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →