GRC Analyst
About The Position
HYDAC is a family-owned and operated business with a vibrant and rewarding working environment for our employees across the country. Our goal is to provide quality products, components and services that meet our customer expectations while being committed to the protection and preservation of our environment. HYDAC’s passionate team designs and manufactures a comprehensive line of innovative and reliable solutions optimized for any demand our customers require. The GRC Analyst will join an organization with flat hierarchies, high dynamics, and quick decisions. You will become a member of a young and dedicated team. In this role, you will be a subject matter expert in the team as well as in the whole organization for the continuous development of our Information Security Management System, and its rollout to other HYDAC entities. Furthermore, you will be responsible for internal ISMS audits according to country specific standards such as TISAX, ISO2700x and NIST. You will report to Information Security Manager located in the USA, while assisting the global team. The position will require up to 25% travel including the possibility of international travel.
Requirements
- Successfully completed a degree in computer science, IT security, engineering or comparable professional experience.
- You also have a high affinity for information security.
- Ideally, you have already gained experience in conducting audits (TISAX, NIST/CMMC, ISO27001).
- Team player and the ability to work effectively in an interdisciplinary team.
- Effective interpersonal and customer relationship skills.
- English fluently, German is a plus.
Responsibilities
- Support the further development of the information security management system (ISMS).
- Create and maintain the information security guidelines and concepts together with the IT security team.
- Support the development and maintenance of information security policies, procedures, standards, controls, and other related documents.
- Creation of threat and risk analyses.
- Coordinate updates to training materials that support the information security policies and procedures.
- Setup of training schedules for all Employees and provide KPI’s on completion and success.
- Carry out internal TISAX, ISO2700x, NIST (CMMC) and ISMS audits worldwide.
- Coordinate and lead interactions with internal and external cyber security auditors.
- Support cyber security maintenance and continuous improvement activity identified through internal processes or cyber security related audits.
- Coordinate interactions with internal and external cyber security auditors.
- Support reporting related to information security key performance indicators and status reporting.
- Support business continuity planning, cyber security incident response and management. Coordinate incident response plan creation and updates.
- Support the enterprise as an information security subject matter expert.
- Execute control activities to evidence our compliance with IT controls.
- Consult management, teams, and individuals to provide strategic and tactical direction regarding enterprise information security requirements, policies, procedures, and standards.
- Assist with the operational duties of the ISMS team.
- Perform other duties as assigned.
Benefits
- comprehensive medical/dental/vision plan
- paid holidays
- PTO
- 401k with company matching
- FSA account
- short term disability and life insurance
- pet insurance
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
