Sr. GRC Analyst
Kennesaw , GA 30144
Posted 4 months ago
The Senior Information Security Engineer-Governance, Risk, and Compliance (GRC) assists in the GRC function. The ideal candidate will have a background in PCI assessments as well as Third Party Risk experience.Responsibilities:
Participates in the strategy and day-to-day operations of the GRC function and team members.
Organize data maintained in the companys GRC system.
Assist in PCI assessments and provide PCI guidance to various teams.
Maintains Information Security policies, standards, procedures, technical security baselines, and awareness.
Assists in identifying and gathering all Information Security metrics.
Participates in driving Security Awareness in the Enterprise.
Assist the team in managing the Third-party vendor and risk assessment processes.
Supports and consults with stakeholders on information security issues
Applies industry and internal best practices in solution of technical and business problems.
Prepares recommendations and implements changes to work methods and procedures to make them more effective and/or to strengthen security measures
Coordinates large-scale Information Security projects
Serve as a technical mentor for newer or more junior team members
Demonstrates initiative through driving and facilitating their specific information security squad to review, improve and implement needed process, best practices, technology and environment changes.
Self-starter with the ability to work independently as well as the ability to negotiate and bring consensus to diverse priorities of product development and solution delivery teams.Requirements:
5 or more years experience in an Information Technology related role.
3 or more years in an Information Security role or related.
Bachelors Degree in an applicable field highly preferred.
CISM, CISSP, PCIP, ISA, or equivalent certifications preferred.
Sr. GRC Analyst