GRC Analyst

About The Position

Requirements

• Strong knowledge of security technologies and architecture, including encryption, cloud network security design, security group configuration, intrusion detection, data loss prevention and application security
• Experience in design and implementation of information security policies and controls
• Experience participating in external security audits; SOC2 Type II preferred
• Experience conducting needs assessments and identifying/implementing appropriate solutions
• Ability to take initiative and be proactive
• Ability to work independently and be resourceful
• Complex problem-solving and analytical skills
• Excellent communication skills, both verbal and written; ability to condense complex information into simple language for the appropriate audience
• CISSP, CISM, CISA certifications preferre

Responsibilities

• Coordinate IT security governance, risk and compliance activities across the enterprise
• Oversee information security compliance activities, including daily, weekly, quarterly and/or annual security risk assessments – both performing internal assessments and responding to external assessments
• Respond to request for information on Cyderes’ security compliance from customers and partners, review and negotiate relevant agreements
• Support efforts for compliance with SOC2, ISO 27001, NIST 800-53, and other security standards and regulatory frameworks
• Conduct audit readiness assessments and coordinate with internal and external functions and audit resources
• Support the implementation and administration of the Governance, Risk, and Compliance system (GRC)
• Collaborate with other departments to direct security compliance issues to appropriate channels for investigation and resolutions
• Revise and maintain security & controls policies and procedures in accordance with applicable regulations
• Enable Continuous Compliance through Continuous testing of security & privacy controls
• Identify and provide recommendations for technology, licensing, and/or process updates to improve Cyderes overall security posture
• Develop and provide reports to keep management informed of the operation and progress of compliance efforts

Benefits

• Medical Insurance - Employee + dependents covered
• Life Insurance - Protection for what matters most
• Retirement Match Program - We invest in your future
• Hybrid Work Model - 2–3 days in office
• Maternity & Paternity Leave - Time for the moments that matter
• Paid Time Off - PTO + sick & casual leave
• Bereavement & Volunteer Time - Give back to your community
• Professional Development - Reimbursement program
• LinkedIn L&D Platform - Thousands of courses at your fingertips
• Mobile Phone Reimbursement - Stay connected, on us