IT GRC Analyst

FragomenOntario, CA
23hHybrid
Match Resume

About The Position

Fragomen is seeking a Compliance Analyst to join our talented Compliance Response Team. A Fragomen career gives you the opportunity to work with a smart, motivated and diverse peer group. Our exclusive focus on immigration means you will practice in an exciting, ever-changing and challenging environment with people who are passionate about immigration. Working in a collegial, team-oriented environment, Fragomen employees learn from the industry's leading experts. Our firm commitment to quality and best practices is supported by technological innovation that benefits our clients and staff. Fragomen strongly affirms that the demonstration of data privacy and security is critical to meet our obligations to our clients and distinguishes our business offerings in this competitive market. The Compliance Analyst will report directly to the Governance, Risk, and Compliance Operations Manager. We seek a professional, diligent individual that can keep up with the high demand of client and partner requests that support, identify and demonstrate Fragomen’s security controls. A candidate should have thorough knowledge of IT Security controls to include basic understanding of Cybersecurity frameworks such as NIST 800-53, ISO 27001, SOC 2 type 2 and CIS controls. The candidate should have experience collecting evidence from internal stakeholders and presenting them to external auditors. have a strong understanding of cybersecurity risk management, including how to document risks and develop risk treatment plans understand and be able to articulate the relationship between cybersecurity and internal general controls (ITGC), compliance obligations and risk reduction have experience configuring and using common GRC platforms, such as Vanta, Drata, and Apptega have experience drafting IT policies that align with industry best practices understand vendor and third-party risk management processes Have experience with supporting cybersecurity awareness programs be knowledgeable of the global regulatory landscape and capable of communicating the Firm’s efforts in this area. be collaborative and team oriented as a member of Fragomen’s Governance, Risk & Compliance (GRC) team which helps make data privacy and security a distinguishing factor in our technological offerings. A successful candidate will demonstrate these competencies and possess excellent communication skills to communicate our data security, data privacy and compliance efforts to our global partners, senior leadership, and Clients. Responsibilities will center around demonstrating to Clients Fragomen’s secure operational environment and foundational security policies and principles through the completion of client questionnaires, external certifications, Client audits, RFPs, and technical assessments.

Requirements

  • A strong understanding information security and data privacy frameworks and their control objectives including NIST Cyber Security Framework (CSF), NIST 800-53, and CIS
  • Experience supporting ISO27X series, SOC2 and PCI compliance requirements and external audits, including control and evidence documentation
  • Broad knowledge of Data Privacy regulatory landscape including but not limited to GDPR.
  • Experience in risk management and project management, including but not limited to documenting and developing remediation plans.
  • Experience supporting security awareness training
  • Drafting IT Policies that align with industry best practice and cybersecurity frameworks
  • Strong communication skills both written and verbal
  • Outstanding work ethic
  • Minimum of 5 years of experience in the IT Security GRC field based on work history and/or education.

Nice To Haves

  • Big 4 or large consulting firm experience a major plus

Responsibilities

  • Operationalizing Risk Management: Understand industry standard cybersecurity risks and how controls affect them.
  • Understand how GRC platforms work and how they support Risk Management
  • Develop trusted relationships with senior business partners to gain an in-depth understanding of key business processes, products and services, and influences others to ensure business case and customer satisfaction goals are met.
  • Acquire fundamental knowledge of all Fragomen areas to better understand emerging risks.
  • Support the Service Delivery function to deliver reliable, best-in-class support services in a manner that meets our contractual obligations and delights our customers and clients.
  • Assist with vendor and third-party risk management
  • IT Compliance Support ISO 27001, SOC 2 type 2 and PCI audits by gathering and documenting how Fragomen is meeting the control objectives identified in these standards
  • Support completing client facing requests demonstrating Fragomen’s security controls to include demonstrating and understanding technical security controls.
  • Work closely with IT internal audit to meet IT security compliance obligations
  • Assistance in GRC Operations: Collaboratively work with teammates and internal Fragomen teams and take direction from management to resolve assigned Client support work items with both speed and quality.
  • Acquire fundamental knowledge of all Compliance Operations areas to gain comprehensive knowledge of operations and industry standard best practices.
  • Support security awareness programs
  • Collaborate with GRC oriented teams - the Office of Audit and Privacy, the Office of General Counsel, Information Security and Compliance - and legal/client relationship teams to continuously improve and demonstrate the firm’s commitment to data privacy and security.
  • Produce written and verbal communication, that when escalating matters, is summarized, and always clear and concise.
  • Provide ideas and suggestions for department process improvements.

Benefits

  • We are committed to implementing firmwide initiatives that support the health and wellness of our people, including programs to address work-life balance and benefits that cover a wide range of well-being needs of all employees.
  • Our #FragomenWorks program provides the ability to be successful at home or in the office, via Hybrid & Remote work arrangements.
  • Our Feedback Works process includes three managerial check-ins per year to help you progress in your career.
  • Unique learning programs like: Fragomen Academy, Leadership Academy, Practical Management Academy, and Regional Development Conferences.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Job Search Resources

Similar IT GRC Analyst job opportunities

Senior IT GRC Analyst
Emory University
Emory University • Atlanta, GA11d • Remote
GRC Analyst
HYDAC TECHNOLOGY CORPORATION
HYDAC TECHNOLOGY CORPORATION • Bethlehem, PA13d • Onsite
🔥 New JobGrc Analyst
TEKsystems
TEKsystems • Forest Park, OH1d • $40 - $43 • Hybrid
GRC Analyst
Aqueduct Technologies Inc.
Aqueduct Technologies Inc. • Canton, MA2d • Hybrid
IS GRC ANALYST
University of Wisconsin Stout
University of Wisconsin Stout • Madison, WI11d • $85,000 - $95,000 • Hybrid
GRC Analyst Intern
TensorWave
TensorWave • Las Vegas, NV2d
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service