DOT Sr Business GRC Analyst

Boston, Massachusetts, United States

Applications have closed

Experfy Inc

The Harvard-incubated Experfy platform enables the pipelining and hiring of external talent at unprecedented speed. It also supports career pathing, upskilling, and mentorship of your internal talent.


Our client is actively hiring a DOT Sr Business GRC Analyst (Governance, Risk, and Compliance (GRC) Analyst)! Join a great team of cyber security professionals and help us deliver our mission, which is to protect the confidentiality, integrity, and availability of the company's digital information and systems.

The DOT Sr Business GRC Analyst is a key pillar of the department's Information Security program, responsible for the alignment of IT activities to business goals and the management of information security risks. In the next chapter of our GRC program, we will be expanding our implementation and tracking of security safeguards across the organization. We need your help!


Requirements

Sample Duties and Responsibilities:

  • Ability to read, comprehend, and analyze published:
    • laws and regulations, security policies and standards, and information sharing agreements.
    • leading security frameworks such as the National Institute of Standards and Technology (NIST) SP 800-53 Security and Privacy Controls for Information Systems and Organizations.
    • security requirements of the Payment Card Industry Data Security Standard and the maintenance of effective controls in our retail networks.
  • Contribute to the continuous improvement of the InfoSec GRC function.
  • Actively participate in risk assessments with the team and facilitate the implementation of security safeguards across IT.
  • Develop tracking for ongoing risk mitigation work and the maintenance of security safeguards.

Required:

  • Two plus (2+) years of training or practical experience in IT Operations
  • Two plus (2+) years of training or practical experience in Information Security Risk Management
  • Strong work ethic, great time management, and highly inclusive team player
  • Effective verbal and written communicator
  • Authorization to work indefinitely in the U.S.

Preferred:

  • Bachelor's degree or equivalent in Cyber/Information Security
  • Industry certifications such as CISSP
  • Previous experience on a GRC team in a large organization


Tags: CISSP Compliance Governance NIST NIST 800-53 Privacy Risk assessment Risk management

Region: North America
Country: United States