Назад
Company hidden
3 часа назад

Principal Security Analyst (Governance, Risk, and Compliance)

101 900 - 132 800$
Формат работы
remote (только USA)
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Principal Security Analyst (Governance, Risk, and Compliance): Building and maturing enterprise security risk and compliance processes across the organization with an accent on security risk quantification, control framework strength, and governance reporting. Focus on leading cybersecurity assessments and audits, developing KRIs, and continuously improving GRC programs using industry frameworks and best practices.

Company

hirify.global develops purpose-driven technology and responsible AI solutions.

What you will do

  • Champion the security risk quantification program and process for informed enterprise decision-making.
  • Develop Key Risk Indicators (KRIs) and communicate security risk to Executive Leadership Team (ELT) and Board of Directors.
  • Develop, assess, and implement cybersecurity controls and procedures to protect confidentiality, integrity, and availability.
  • Lead internal and external security/compliance/regulatory assessments, including customer audits, attestations, certification audits, and third-party reviews.
  • Partner with control owners to monitor control implementation effectiveness and drive resolution of noncompliance issues.
  • Improve change management for policy/standard/procedure updates and drive continuous improvement of GRC using industry best practices.

Requirements

  • Location: Remote in the United States
  • 8+ years of experience in Information Technology and/or Security.
  • 3+ years leading audit/assessment projects.
  • 3+ years experience with risk management frameworks (e.g., NIST CSF) and 2+ years with quantitative risk frameworks (e.g., FAIR, OCTAVE).
  • Experience with corporate GRC solutions (e.g., Archer, ServiceNow).
  • Industry certifications such as CISSP, CRISC, CISM/CISA, and/or AWS or Azure certifications.

Culture & Benefits

  • Remote-flexible workforce.
  • Medical, dental, and vision insurance.
  • 401(k) program with employer match and wellness programs.
  • Flexible paid time off and generous parental leave.
  • Tuition reimbursement program.

Hiring process

  • Application review followed by interview steps to assess security GRC experience and communication skills.

Salary: $101,900.00–$132,800.00 base pay

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →