GRC Analyst

Aristocrat TechnologiesLas Vegas, NV
10h
Match Resume

About The Position

A GRC Analyst within the Cyber Governance, Risk, and Compliance (GRC) team is a key team member supporting Aristocrat’s Global Information Security organization and cybersecurity objectives. There are two primary responsibilities for this GRC Analyst role. The first involves coordinating a cybersecurity Policy Program. This includes crafting new and updating existing policy documents. It also involves running the roadmap and calendar, and joining internal audit discussions and security exceptions related to information security policies. The second focus is on leading and improving an information security education and training initiative. The work involves applying tools, new technologies, and strategies to maintain relevant, current material. This encourages a security-first culture. What You'll Do Maintain and continuously improve the cybersecurity Policies Program including the management of the lifecycle of a policy from creation to publication and developer go-to-market communication materials. Process and assess risk exceptions to Aristocrat Security Policies, Standards, and Technical Security Requirements and manage security risks identified and documented in the cybersecurity risk register and proactively identify cybersecurity deficiencies or opportunities for improvement to policies. Manage and advance a Security Awareness and Training Program that focuses on fostering a cyber aware culture. Includes developing a calendar of campaigns encompassing corporate-wide and specific roles-based training and awareness and phishing. Continuously deliver maturity enhancements to the Security Awareness program using AI tools and strong communication skills to make training effective and engaging. Collaborate with threat intelligence resources to ensure strong linkage to new and relevant threats. Create role-based training curriculum across the organization focusing on the protection of resources and data, collaborating with internal teams such as People and Culture (HR) and Privacy.

Requirements

  • Master’s degree and 2 years of experience in cybersecurity field; experience in Learning and Development or Communications is a plus.
  • Or University / bachelor’s degree and 4 years’ experience in cybersecurity field; experience in Learning and Development or Communications is a plus.
  • Or an Associate’s degree and 8 years' experience in cybersecurity field, experience in Learning and Development or Communications is a plus.

Nice To Haves

  • Experience in policy management lifecycle management from creation to communication to delivery
  • Working knowledge of cybersecurity awareness training terminology such as phishing, smishing, ransomware, etc. with an ability to translate this information into accessible training for organization.
  • Experience designing and deploying corporate-level awareness programs including regular awareness training, secure development training, and regular phishing campaigns.
  • Ability to create and deliver on strategic needs for awareness and training program along with program management skills to prioritize, plan, and deliver in a global environment.
  • Experience in using Artificial Intelligence (AI) tools to create, refine, personalize, and deliver training content at corporate level and for role-based training.
  • Comprehensive and effective communication skills, including the ability to gather relevant data and information, connect through listening, dialogue freely, and verbalize ideas effectively.
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
  • Certified Information Security Manager (CISM)
  • CompTIA Security+
  • SANS Global Information Assurance Certifications (GIAC)

Responsibilities

  • Maintain and continuously improve the cybersecurity Policies Program including the management of the lifecycle of a policy from creation to publication and developer go-to-market communication materials.
  • Process and assess risk exceptions to Aristocrat Security Policies, Standards, and Technical Security Requirements and manage security risks identified and documented in the cybersecurity risk register and proactively identify cybersecurity deficiencies or opportunities for improvement to policies.
  • Manage and advance a Security Awareness and Training Program that focuses on fostering a cyber aware culture.
  • Continuously deliver maturity enhancements to the Security Awareness program using AI tools and strong communication skills to make training effective and engaging.
  • Collaborate with threat intelligence resources to ensure strong linkage to new and relevant threats.
  • Create role-based training curriculum across the organization focusing on the protection of resources and data, collaborating with internal teams such as People and Culture (HR) and Privacy.

Benefits

  • Robust benefits package
  • Global career opportunities
  • health, dental, and vision insurance
  • paid time off
  • a 401(k) plan with employer matching

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Job Search Resources

Similar GRC Analyst job opportunities

GRC Analyst
Rocket Lawyer
Rocket Lawyer • Boulder, UT2d
GRC Analyst
Rocket Lawyer
Rocket Lawyer2d
GRC Analyst
Rocket Lawyer
Rocket Lawyer • San Francisco, CA2d • $73,440 - $108,000
GRC Analyst
Aristocrat Gaming
Aristocrat Gaming • Las Vegas, NV2d
GRC Analyst
Allied Benefit Systems
Allied Benefit Systems • Chicago, IL4d • $75,000 - $80,000 • Remote
GRC Analyst
Rocket Lawyer
Rocket Lawyer2d
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service