Governance, Risk, and Compliance Analyst

About The Position

Requirements

• Depth of knowledge with cybersecurity control frameworks (NIST CSF preferred)
• Working knowledge of cybersecurity policy lifecycle, standards, and guidelines.
• Experience with PCI-DSS and SOX
• Working knowledge of data governance and privacy regulations
• Experience with security awareness techniques and processes in an enterprise environment.
• Exceptional written and verbal communication skills that can be adjusted to relevant audiences.
• Analytic and problem-solving skills.
• Minimum high school diploma or equivalent (GED) required.
• Typically requires a university degree or equivalent experience and minimum 2-4 years of prior relevant experience.

Responsibilities

• Develops and maintains cybersecurity policies, standards, and guidelines.
• Implements and monitors compliance with cybersecurity control framework.
• Ensures policies are up-to-date and align with industry best practices, regulatory requirements, and cyber frameworks.
• Communicates policies to relevant stakeholders.
• Independently develops security awareness training programs and materials.
• Plans and executes cybersecurity awareness events and communication campaigns.
• Develops, organizes, and delivers training sessions to employees on security policies and best practices.
• Monitors and reports on the effectiveness of security awareness initiatives.
• Collects, analyzes, and presents cybersecurity program performance metrics and key risk indicators (KRIs).
• Independently conducts regular assessments of cyber risks within applications, platforms, and processes.
• Identifies risks and develops mitigation strategies and risk management plans
• Manages third-party risk by assessing the security posture of external vendors and partners, implementing risk mitigation measures and fostering secure third-party relationships.
• Ensures appropriate design and operating effectiveness of regulatory and PCI-DSS controls.
• Manages privacy-related data subject access requests.
• Monitors compliance and reports effectiveness.
• Independently performs periodic gap assessments to validate compliance.
• Monitors regulatory environment and performs impact assessments.
• Partners with auditors and manages action plans in response to audit discoveries.
• Performs other duties as assigned.

Benefits

• PulteGroup Employee Benefits
• At PulteGroup, we believe that our people are what makes us a great place to work and we strive to meet their health and welfare needs with a competitive suite of benefit offerings designed for their unique lifestyles.
• Comprehensive, Flexible and Affordable Healthcare Coverage Options
• Supplemental Healthcare Coverage Opportunities
• PTO and Work/Life Benefits
• Health Advocacy and Wellness
• Retirement Plan with Company Match
• Education and Employee Assistance Programs
• Paid Parental Leave and Adoption Benefits
• Mortgage Financing Discounts through Pulte Mortgage