Green Dot Corporation - posted 9 months ago
$84,500 - $126,000/Yr
Full-time • Mid Level
Remote
Merchant Wholesalers, Nondurable Goods

The GRC Analyst supports the risk identification and management process across all aspects of Information Security. Responsibilities include assessing the current adequacy of the security strategy, threats to networks, systems and applications, and calculating the impact of potential adverse events. Serve as liaison for audit and assessment initiatives.

  • Maintain familiarity with a broad regulatory landscape impacting business and IT areas.
  • Remain current with emerging regulatory sentiments as well as solution trends in the marketplace.
  • Understand the impact of laws and regulations on company systems and technology.
  • Recommend and implement changes in security policies, standards and/or procedures as needed.
  • Collaborate with the appropriate stakeholders to establish and maintain a system for assessing compliance with security and privacy policies.
  • Map control requirements across information security frameworks to identify overlapping requirements and compliance efficiencies.
  • Review third parties by way of security due diligence.
  • Facilitate and support execution of external assessments relative to data security (SOC 1, SOC 2, PCI, etc.).
  • Maintain information security risk management methodologies, definitions and processes, aligned with those from Enterprise Risk Management.
  • Report on key risk indicators (KRIs) and key performance indicators (KPIs).
  • Continuously evaluate network and system security, data vulnerabilities, business continuity and compliance risks.
  • Bachelor's degree in Cybersecurity, Computer Science, Information Systems or equivalent field required.
  • 2-5 years of experience in Information Security GRC, Risk Management, Information Technology or equivalent.
  • Experience with information security, control standards, and frameworks such as PCI DSS, ISO 27001 and/or NIST CSF and 800-53 preferred.
  • Certified Information Systems Auditor (CISA) and/or Certified in Risk and Information Systems Control (CRISC) strongly preferred.
  • Other certifications such as Certified Information Security Manager (CISM), Project Management Professional (PMP), or Certified Information Systems Security Professional (CISSP) desired.
  • Knowledge of Financial Service industry regulations, risk management methodologies, operations or auditing is highly desired.
  • Ability to present issues and recommendations in a manner that will be understood and accepted by all responsible parties.
  • Strong Excel and SharePoint skills are highly desired.
  • Familiarity with GRC and problem management tools highly desired (RSA Archer, Jira, Confluence, LogicGate, ServiceNow, etc.).
  • Experience performing Third-Party Risk Reviews, Due Diligence, and Contract Advisory support for InfoSec activities is highly desired.
  • Experience with calculating cyber risk using industry risk methodologies (e.g. FAIR) is desired.
  • Diversity and equal opportunity for all applicants and employees.
  • Reasonable accommodations for candidates on request.
  • Respect for applicants' privacy rights.