DOT Sr Business GRC Analyst
Boston, Massachusetts, United States
Experfy Inc
The Harvard-incubated Experfy platform enables the pipelining and hiring of external talent at unprecedented speed, as well as career pathing, upskilling, and mentorship of your internal talent.
Our client is actively hiring a DOT Sr Business GRC Analyst (Governance, Risk, and Compliance (GRC) Analyst)! Join a great team of cyber security professionals and help us deliver our mission, which is to protect the confidentiality, integrity, and availability of the company's digital information and systems.
The DOT Sr Business GRC Analyst is a key pillar of the department's Information Security program, responsible for the alignment of IT activities to business goals and the management of information security risks. In the next chapter of our GRC program, we will be expanding our implementation and tracking of security safeguards across the organization. We need your help!
Requirements
Sample Duties and Responsibilities:
- Ability to read, comprehend, and analyze published:
  - laws and regulations, security policies and standards, and information sharing agreements.
  - leading security frameworks such as the National Institute of Standards and Technology (NIST) SP 800-53 Security and Privacy Controls for Information Systems and Organizations.
  - security requirements of the Payment Card Industry Data Security Standard and the maintenance of effective controls in our retail networks.
- Contribute to the continuous improvement of the InfoSec GRC function
- Actively participate in risk assessments with the team and facilitate the implementation of security safeguards across IT.
- Develop tracking for ongoing risk mitigation work and the maintenance of security safeguards.
Required:
- Two plus (2+) years of training or practical experience in IT Operations
- Two plus (2+) years of training or practical experience in Information Security Risk Management
- Strong work ethic, great time management, and highly inclusive team player
- Effective verbal and written communicator
- Authorization to work indefinitely in the U.S.
Preferred:
- Bachelor's degree or equivalent in Cyber/Information Security
- Industry certifications such as CISSP
- Previous experience on a GRC team in a large organization
Tags: CISSP Compliance Governance NIST NIST 800-53 Privacy Risk assessment Risk management