Vacancy expired!
RESPONSIBILITIES:
Kforce has a client in Emeryville, CA that is seeking a Senior GRC Security Analyst.
Summary:
In this role, the Senior GRC Security Analyst leads and executes the IT CyberSecurity governance program. This role performs Enterprise CyberSecurity risk assessments, including third party assessments for business initiatives. The Senior GRC Security Analyst will also coordinate and manage 3rd Party Assessments/Audits include PCI and TQS #5, and will be leading Archer migration to ServiceNow for the GRC (Governance, Risk & Compliance) program.
Responsibilities:
Manage information technology security policy and standards change process including working with cross-functional SMEs to assess the impact of requested changes
Identify gaps and conduct impact analysis of the existing information security policy frameworks in order to drive continual improvement
Lead audits in areas of cybersecurity including the Payment Card Industry Digital Security Standard (PCI-DSS)
Collaborate with Cross Functional teams in regards to Security Requirements in order to address risk
Develop and oversee user IT security awareness and training programs company wide
Identifying and articulating risk in terms of business impact and likelihood, as well as suggesting reasonable strategies for mitigation and or provide compensating controls
Identify and coordinate changes to GRC module to meet CyberSecurity Risk Management direction
Lead metrics and measures program which reports to leadership
REQUIREMENTS:
Bachelor's degree or equivalent experience in Information Technology or Risk Management
Preferred certifications: (PCI ISA, CRISC, CISSP, etc.)
5+ years of experience working in a similar role
Exceptional aptitude, attitude, and work ethic
Excellent communication and organizational skills, including the ability to present options in business terms to both technical and business staff including executives
Technical writing skills
ServiceNow experience
Knowledge of capability of third party risk assessment
Able to Identify areas for automation and be able to map workflow
Change Approval Board (CAB) experience
Team lead to help with on-boarding, training and work distribution
Detailed knowledge and experience working with PCI DSS and NIST Control Standards would allow you to hit-the-ground running
Working knowledge of information security and computer network, server, database, and user access technologies
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.