Governance Risk and Compliance Analyst
North America
Applications have closed
Corelight
Disrupt future attacks with complete network visibility, next-level analytics, faster investigations, and expert threat hunting. By making evidence the heart of security, we help customers stay ahead of ever-changing cyber-attacks.
Corelight is the cybersecurity company that transforms network and cloud activity into evidence. Evidence that elite defenders use to proactively hunt for threats, accelerate response to cyber incidents, gain complete network visibility and create powerful analytics using machine-learning and behavioral analysis tools. Easily deployed, and available in traditional and SaaS-based formats, Corelight is the fastest-growing Network Detection and Response (NDR) platform in the industry. And we are the only NDR platform that leverages the power of Open Source projects in addition to our own technology to deliver Intrusion Detection (IDS), Network Security Monitoring (NSM), and Smart PCAP solutions. We sell to some of the most sensitive, mission critical large enterprises and government agencies in the world.
If you thrive in a fast-paced environment where attention to detail and a proactive approach are essential and are passionate about information security and ensuring compliance, our Governance, Risk, and Compliance Analyst role at Corelight might be the perfect fit for you!
Role:
- Play a key role in supporting Corelight's information security governance, risk management, and compliance processes. This includes staying up-to-date on relevant regulations and industry standards, identifying and mitigating risks, and ensuring compliance with internal policies.
- Monitor and report on internal compliance against external regulations and industry standards. You will be responsible for gathering data, analyzing it, and creating reports that communicate the organization's compliance posture to stakeholders.
- Provide information security and privacy support as needed. This might involve tasks such as assisting with audits, investigations, and incident response activities.
Responsibilities:
- An understanding of information security governance, risk management, and compliance frameworks.
- Experience in monitoring and reporting on compliance against external regulations and industry standards.
- Excellent analytical and problem-solving skills.
- The ability to work independently and as part of a team.
- Strong communication and writing skills.
- Ability to work effectively with stakeholders at all levels.
- Strong organizational and time management skills.
Qualifications
- Bachelor’s degree or equivalent in Business, Cybersecurity, or Information Systems.
- Three (3) to five (5) years of work experience in governance, risk and compliance or a security field.
- Must be open to obtaining industry-specific compliance certifications.
- Experience with developing and implementing GRC policies and procedures.
- Experience with conducting internal and external audits and investigations.
Preferred:
Governance:
- Develop and implement policies and procedures to ensure compliance with internal and external regulations, industry standards, and best practices.
- Collaborate with various departments to ensure alignment with governance policies and procedures.
- Promote training campaigns to help support a culture of ethical behavior and compliance within the organization.
- Familiarity with frameworks (e.g., ISO 2700x, NIST 800-53, SOC 2).
Risk Management:
- Monitor and update risk assessments on a regular basis.
- Work with the GRC Director to identify the root cause of risks and identify effective mitigation strategies.
- Understand risk management framework documentation as it relates to various security assurance frameworks.
Compliance:
- Monitor and track compliance with relevant regulations (e.g., information system, data privacy).
- Stay up to date on changes in relevant regulations and adapt compliance practices accordingly.
- Maintain accurate and up to date GRC documentation.
- Provide training and support to employees on GRC policies and procedures.
- Work with GRC Director to implement GRC software solutions.
- Comfortable and effective in building partnerships throughout internal business divisions.
- Ability to research regulations and interpret their meaning.
We are proud of our culture and values: driving diversity of background and thought, low-ego results, applied curiosity and tireless service to our customers and community. Corelight is committed to a geographically dispersed yet connected employee base with employees working from home and office locations around the world. Fueled by an accelerating revenue stream, and investments from top-tier venture capital organizations such as CrowdStrike, Accel and Insight, we are rapidly expanding our team.
Check us out at www.corelight.com
Perks/benefits: Startup environment Team events