IT Risk and Compliance Analyst

ORKIN, Atlanta, GA
157d

About The Position

We are seeking a dedicated and detail-oriented IT Risk and Compliance Analyst specializing in Governance, Risk, and Compliance (GRC) and Cybersecurity to join our growing team. This role is responsible for identifying, assessing, and mitigating organizational IT risks, including third-party risks. The ideal candidate will have experience managing organizational risks, overseeing third-party relationships, and ensuring that security controls are effectively integrated into these partnerships to protect the organization's sensitive data systems.

Requirements

  • Bachelor's degree in Information Security, Cybersecurity, Risk Management, or a related field, or equivalent experience.
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Assessor (CISA), or Certified in Risk and Information Systems Control (CRISC).
  • Minimum of 2-4 years of experience in Information Security, Risk Management, or IT auditing with a focus on third-party risk management.
  • Experience with third-party risk management tools (e.g., RSA Archer, ServiceNow, OnSpring, etc.).
  • Strong knowledge of risk management, regulatory requirements, and security controls.

Nice To Haves

  • Other relevant certifications like CISM (Certified Information Security Manager), GIAC Certified Incident Handler (GCIH), or Payment Card Industry Qualified Security Assessor (PCI QSA).
  • Familiarity with risk management tools and platforms.
  • Solid knowledge of security frameworks and standards (e.g., NIST, PCI, ISO 27001, SOC 2, GDPR, etc.).

Responsibilities

  • Conduct comprehensive risk assessments of third-party vendors and service providers, evaluating their security posture, policies, procedures, and controls.
  • Support the due diligence process by evaluating the security and compliance frameworks of potential vendors.
  • Identify and evaluate security risks related to information systems, applications, and data.
  • Collaborate with cross-functional teams to develop, implement, and monitor risk mitigation strategies.
  • Ensure compliance with security frameworks (e.g., NIST, ISO 27001) and relevant laws (e.g., GDPR, HIPAA, SOX).
  • Create and maintain comprehensive risk assessment reports, dashboards, and documentation.
  • Continuously monitor third-party vendors' security practices and compliance status throughout the lifecycle of the partnership.
  • Work closely with procurement, legal, and other business units to integrate security requirements into vendor contracts and agreements.
  • Develop, review, and update internal policies and procedures related to third-party risk management.

Benefits

  • Comprehensive benefits package including medical, dental, vision, maternity & life insurance.
  • 401(k) plan with company match, employee stock purchase plan.
  • Teammate discounts, tuition reimbursement, dependent scholarship awards.
  • Paid Time Off.

What This Job Offers

Job Type

Full-time

Career Level

Entry Level

Industry

Administrative and Support Services

Education Level

Bachelor's degree

Number of Employees

501-1,000 employees

© 2024 Teal Labs, Inc