GRC Analyst (Jr.)


Job Details

Looking for a home in an unstable job market?


If so... I have an opportunity you might be interested in. I am hiring a hybrid, FTE Jr. GRC Analyst in Phoenix with a company that boasts an average employee tenure of 10 years and offers significant opportunities to grow from within.


***This position is only considering individuals local to Phoenix


Position Overview:

Cyber Risk Management:

  • Assists with the collection, analysis, and presentation of cybersecurity program performance metrics and key risk indicators (KRIs).
  • With guidance, conducts regular assessments of cyber risks within applications, platforms, and processes.
  • Documents and monitors mitigation strategies and risk management plans.
  • Actively participates in third-party risk management by assessing the security posture of external vendors and partners.


PCI, SOX, and Privacy Compliance:

  • Supports cross-functional teams in the implementation of regulatory and PCI-DSS controls.
  • Processes privacy-related data subject access requests.
  • Monitors compliance and reports effectiveness.
  • Performs periodic gap assessments to validate compliance.
  • Assists in managing action plans in response to audit discoveries.


Policies/Standards/Controls:

  • Maintains cybersecurity policies, standards, and guidelines.
  • Monitors compliance with the cybersecurity control framework.
  • Communicates policies to relevant stakeholders.


Security Awareness:

  • With guidance, develops security awareness training programs and materials.
  • Plans and executes cybersecurity awareness events and communication campaigns.
  • Organizes and delivers training sessions to employees on security policies and best practices.
  • Monitors and reports on the effectiveness of security awareness initiatives.


Qualifications:

  • Minimum 2 (max 4) years of work experience in a cybersecurity or technical risk analysis role.
  • Working knowledge of cybersecurity control frameworks (NIST CSF preferred), PCI-DSS, and SOX.
  • Exceptional written and verbal communication skills that can be adjusted to relevant audiences.
  • Analytic and problem-solving skills.
  • Bachelor's degree in Cybersecurity or a related field, or a combination of related education and work experience in an Information Security role to equal 4 years.
  • NIST CSF experience
  • ISP 20000 OR ISP 20009 cert
  • Email Phishing Campaigns
  • Ability to communicate at a high level
  • Ability to write email/newsletters effectively and competently
  • Microsoft Office





 The Intersect Group

 04/23/2024

 All cities, AZ