Date Added: Thu 10/06/2021

GRC Security Analyst

Bedford, MA, US


Job Type: Permanent, Full-Time

Connexion's mission is to provide "best in class" services to job seekers. We strive to achieve excellence in job placement, staffing, and recruiting services, while treating candidates with the professionalism and respect they deserve.

Title: GRC Security Analyst – Enterprise Information Security
Hiring Organization: Connexion Systems Engineering
Compensation, Benefits, and Employment Type: Duration – Contract – 6 months +
Pay rate: 45-50/hr.
Job Location: Bedford, MA
Job: bh12728

GRC Security Analyst, Enterprise Information Security

We are looking for a GRC security analyst who will be a key member in our Enterprise Security Team. This position will conduct supplier security (3rd party) assessments, design and author information security policies, and conduct compliance assessment of policies and supplier security risk mitigations. The complexity of this position requires an approach that is disciplined, detailed and collaborative with the ability to work with our security managers, IT infrastructure, privacy and business teams, and suppliers. This position will report to the Senior (GRC) Manager, and will be in Bedford, MA.

Responsibilities

Conduct supplier security assessments in accordance with our due-diligence process and priorities established by Senior GRC Manager.
Collaborate/Liaise with Supplier Board members, enterprise security managers, IT system and business process owners.
Execute information risk-management lifecycle of 3rd party risks.
Record-keeping of assessment artifacts.
Conduct compliance monitoring of supplier related mitigations.
Author policies to ensure ongoing maintenance of security.
Develop procedures intended to sustain the security of the company's data and access to its technology and communications systems.
Ensure the distribution and communication of these procedures in appropriate systems and media.

Qualifications

Excellent written and oral communication skills.
2-3+ years in a Security Governance, Risk and Compliance (GRC) function.
Demonstrated experience with conducting a wide variety of 3rd party assessments (professional services, applications on-premises, SaaS and cloud hosted).
Experience with supplier assessments in manufacturing sector is a plus.
Candidate has in-depth knowledge of security domains (Application Security, Cloud Security, Data Protection, Identity and Access Management, Vulnerability Management).
Understanding of prevailing information security threats and risks.
Knowledgeable of CIS-Top 20, ISO 27001 security controls.
Knowledgeable of PCI-DSS, Data Privacy (GDPR, CCPA), Sarbanes-Oxley and other regulatory standards.
Up-to-date knowledge of information security issues, trends, and leading practices.
Expertise in security policy development.
Must have a solid understanding of information technology and information security.
Bachelor's in Computer Science, Business Administration, and/or Information Systems preferred.
Relevant security or risk management certifications a plus.