GRC Security Analyst

  • Robert Half
  • Boca Raton, FL
  • Posted 25 days ago | Updated 4 hours ago

Overview

On Site
Full Time

Skills

SAP GRC
FOCUS
Governance
Information assurance
IT audit
Leadership
Strategy
Information systems
Business process
Security operations
ISO 9000
Management reporting
System on a chip
Payment card industry
ISACA
PCI DSS
Documentation
Reporting
Operations
Planning
Policies
IT operations
Design
Auditing
IT security
Regulatory Compliance
Recovery
Management
Risk management
Cyber security
Risk assessment

Job Details

Job Description

We are looking for a Security Analyst with a focus on Governance, Risk, and Compliance to join our team in Boca Raton, Florida. This role involves managing, assessing, and mitigating risks as part of our information assurance and cybersecurity program. You will be responsible for leading the IT security risk and audit program using generally accepted standards and frameworks for IT audit and risk management. This is an onsite position and offers a long-term contract employment opportunity.


Responsibilities:


Lead the IT security risk and audit program for information systems security

Develop and implement the IT security risk and audit strategy

Perform information systems and business process risk assessments

Evaluate the effectiveness of technical, physical, and administrative controls to identify control weaknesses

Interface with Security Operations, IT Operations, and various business units to perform PCI, SOC2, ISO, and applicable State of Florida cybersecurity controls-related reviews

Plan and perform IT security controls effectiveness reviews and manage remediation efforts for the identified gaps

Maintain IT security risk and compliance matrix and perform management reporting

Maintain the Third Party Risk Management Program (TPRM) and analyze SOC-2 and other reporting

Manage the IT security vulnerability management program aligned with PCI and NIST standards

Coordinate, track, and verify remediation of audit findings

Document the results and develop a plan of action and milestones for mitigating any identified risk

Produce formal audit reports based on ISACA Audit Standards

Promote compliance with regulatory requirements (e.g. PCI DSS) and IT best practices

Must have proficiency in Documentation and Reporting
Previous experience in Operations and Planning is necessary
Familiarity with Procedures and Policy development
Understanding of Compliance requirements within the IT Operations sector
Ability to Design and Audit security systems
Experience in Auditing and Security measures
Knowledge of IT Security implementation and Best Practices
Familiarity with Component Selection and Compliance Functions
Experience in Risk Management and development of Frameworks
Understanding of Recovery procedures and Onsite management
Skills in Risk Mitigation and working with Business Units
Knowledge of Cyber Security and Risk Assessment is crucial