Sr Governance, Risk, and Compliance Analyst

About The Position

Requirements

• BS/BA or equivalent work experience in security related field.
• 8+ years of relevant work experience.
• 6+ years working experience as a security analyst or equivalent.
• Industry relevant certifications such as CISSP, CRISC, CISA, CISM, CGEIT, etc.
• Knowledge with common compliance frameworks like the CIS Critical Controls, NIST SP800, ISO27001.

Nice To Haves

• Expert familiarity with systems and network infrastructure security technologies.
• Expert hands-on familiarity with security risk-assessment tools & techniques.
• Foreign language skills.

Responsibilities

• Support the company's Cybersecurity program, focusing on controls and policies for Federal Regulatory and FedRAMP requirements.
• Assist with management and monitoring of the company's security risks, compliance guidelines, and controls.
• Lead as escalation point for support requests related to Information Security Programs, including FedRAMP program.
• Document procedures for specific Federal regulatory and FedRAMP requirements.
• Lead security assessments, including external security assessment and customer security questionnaires.
• Monitor internal compliance against information security governance frameworks, including FedRAMP.
• Identify and communicate control gaps, evaluate management remediation action plans, and provide ongoing monitoring of resolution.
• Assist with management of the security assessment program.
• Review and analyze enterprise scale remediation of findings in the vulnerability management program.
• Manage the information security awareness program and ensure compliance with training requirements.

Benefits

• Work/life integration programs like Freedom to Flex.
• Paid maternity/paternity leave.
• Tuition assistance for professional development.
• Comprehensive mentoring program.
• Rewards/recognition programs.