IT Information Security GRC Analyst
1 month ago
Description
Job Title: Information Security GRC Analyst
Main Purpose: The Information Security (InfoSec) Analyst serves as a trusted advisor when assessing internal systems and controls, and is a key point of contact with external examiners. Identifies and verifies risks to systems and data, and ensure teams are cognizant of any deficiencies and working toward addressing findings and recommendations. Evaluates risk according to best practices, as well as compliance mandates, and provides detailed reports from assessments. When external examiners conduct engagements. Acts as a primary point of contact and facilitator to ensure teams are abiding by safe computing and administrative procedures. In this position, the InfoSec Analyst will regularly review, evaluate and verify controls, and then document and report based on the state of the engagements. Uses key risk indicators and IT general controls (ITGC) when assessing system design, data privileges/access and the entire supply chain related to a business system. Follows up and verifies appropriate actions have taken place, especially when risk is excessive and an organization is at risk or out of compliance. Main Duties and Responsibilities: Support the delivery of InfoSec GRC security advisory engagements and projects related to industry standards and frameworks. Lead and perform security assessments Maintain and support internal audit department practices and processes with detailed reporting and accompanying technology recommendations. Work closely with security leadership to ensure cybersecurity policies and practices as defined in global and industry standards are aligned with an appropriate level of risk. Retain expertise in one or more compliance standards, including Sarbanes-Oxley Act (SOX), Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), Control Objectives for Information Technology (COBIT), National Institute of Standards and Technology (NIST) and International Standards Organization (ISO) 27001. Be actively informed and engaged in upcoming and completed security projects across the business. Enforce a strong security culture mindset set forth by risk management, ensuring uniformity across technical teams, business units and employees. Foster strong relationships with internal business units and excel in risk management, technical controls and cybersecurity communication. Engage with critical third parties and validate adequate controls are in place. Remain up-to-date on security threats, vulnerabilities and mitigations set forth by IT and security teams to reduce the corporate attack surface. Uncover, validate and document deficiencies in risk management, technology and cybersecurity practices. Conduct architecture reviews and identify where security controls must be implemented. Specify guidance on key risk indicators and ITGC testing methodology, validation and alignment with policies and documentation. Persuade IT and security teams to adopt cybersecurity controls. Stay abreast of evolving technologies and areas of risk against the rapidly changing threat landscape as well as standards and compliance requirements. Serve as a point of contact and liaison with external examiners for assessments throughout the year and at end-of-year evaluations. Draft and deliver presentations to management explaining audit findings and recommendations for corrective action that are operationally feasible, within budget and team skillset. Build relationships with business units to verify security-by-design controls are incorporated into projects, architecture, infrastructure and applications. Stay abreast of new laws, regulations and standards, and assess their impact to the business. Openly support the management team and executive leadership, even during tumultuous times. Travel as needed to office locations and third-party on-site engagements. Requirements: At least 5 years’ IT or cybersecurity experience (or IT coupled with cybersecurity), with at least 2 years in an operationally focused IT or security practitioner role. Strong experience in technology controls review, risk assessment, policy review and control review type of engagements Strong written and verbal communication skills across all levels of the organization. Skilled at working with diverse teams and promoting enterprise-wide risk management rigor High level of integrity, trustworthiness and confidence to represent the company and risk management leadership with the highest level of professionalism. Project management, multitasking and organizational skills. Ability to preserve credibility with the team through sustained industry knowledge. Applicable knowledgeable with national and global cybersecurity policies, regulations and security frameworks. Demonstrated understanding and comprehension of a wide range of compliance and technology frameworks. Proven trustworthiness and history of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating well. Self-starter requiring minimal supervision. General business administration competencies. Excellence in communicating privacy, business risk and remediation requirements from assessments. Outstanding written and verbal business and cybersecurity communication skills. Highly organized and efficient. Demonstrated strategic and tactical thinking, along with decision-making skills and business acumen. Educational Requirements: Bachelor's degree in computer science, information assurance, or related technical field or business administration preferred, but not required. Certification Requirements: CISA highly recommended CISSP, CISM, CRISC preferable, but not required. EEO and Veteran Employer Marken is a wholly owned subsidiary of UPS and is a critical part of UPS Healthcare. Marken offers a state-of-the-art GMP-compliant depot network and logistic hubs for clinical drug product storage and distribution worldwide and supports cell and gene therapy logistics services from clinical to commercial, while maintaining the leading position for Direct-to-Patient and Home Healthcare services, biological sample shipments and biological kit production. Moving Our World Forward by Delivering What Matters.
-
GRC Policy Analyst
2 weeks ago
india Novalink Solutions LLC Full timeJob Description The IT policy analyst works to provide IT policies aligned with NIST security controls for the MBTA. The IT Policy Analyst will work within the Enterprise Risk Management platform to manage policies, security control gaps, and dashboard/metric tracking. The GRC Policy Analyst will also work with MBTA-specific IT policies outside of the...
-
IT Grc Sme
3 weeks ago
India CosMic IT Full timeFull Time - India - Posted 9 mins ago - CosMicIT - **CosMic IT** - Find Your Dream Job Here_ Hello Everyone, We at #CosMicIT are looking for a #IT GRC SME Locations: PAN India Job Description: **Responsibilities**: 1. GRC Program Management: - Develop, implement, and manage the overall IT GRC program. - Define and enhance policies, procedures, and...
-
GRC Analyst
6 days ago
India MDMS Recruiting LLC Full timeJob Description This is a remote position. Governance, Risk & Compliance (GRC) Analyst The Information Security, Governance, Risk, and Compliance Analyst will be an innovative, self-driven team player who will be able to educate, provide guidance, and help drive a risk management program for information security and compliance throughout the company. This...
-
GRC Analyst
4 weeks ago
india MDMS Recruiting LLC Full timeJob Description This is a remote position. Governance, Risk & Compliance (GRC) Analyst The Information Security, Governance, Risk, and Compliance Analyst will be an innovative, self-driven team player who will be able to educate, provide guidance, and help drive a risk management program for information security and compliance throughout the company. This...
-
Information Security Analyst
2 weeks ago
india Nike Full timeRejoignez l'équipe NIKE, Inc. Loin de se contenter d'équiper les plus grands athlètes mondiaux, NIKE, Inc. explore les potentiels, abolit les frontières et repousse les limites du possible. L'entreprise recherche des personnes capables d'évoluer, de réfléchir, de rêver et de créer. L'épanouissement de sa culture repose sur son ouverture à la...
-
Security Analyst
3 days ago
india Mobile Programming LLC Full timeJob Description : We are looking for The GRC Security Analyst who will assesses and prioritizes information security and cybersecurity risk across the organization, facilitates compliance with regulatory requirements and information security policies, and develops and reports on information security no-style="background-color: inherit;"> and Requirements :...
-
GRC Analyst
2 months ago
india Quantiphi Full timeLooking for GRC Analyst NP : Immediate to 30 Days Experience Level: 4 to 6 years Responsibilities 1. Develop and ensure compliance of company-wide best practices for IT security. 2. Research security enhancements and make recommendations to management. 3. Respond to RFI /RFPs by consulting to various support functions and client queries regarding...
-
Director of Cyber Security
2 days ago
india CrossTab IT Consulting Full timeWe are seeking Director of Governance Risk and Compliance (GRC) for our client, the biggest financial institution of the country. The ideal candidate is a leader who has worked for a min of 5 years in the BSF industry and understands the nuances and criticality of situations in the Banking industry. Work Experience 20-23 years in IT infrastructure,...
-
SAP GRC/Security Consultant
2 weeks ago
india Kiash Solutions LLp Full timeOverview :We are seeking a skilled SAP GRC/Security Consultant with 4-7 years of experience to join our team. The ideal candidate will have extensive experience in SAP security and GRC (Governance, Risk, and Compliance) Access Control Application Management Services. The candidate should possess strong technical expertise, excellent communication skills, and...
-
Information Security GRC Analyst
6 days ago
India Marken Full timeDescription Job Title: Information Systems Auditor Location: Pune M ain Purpose: The Information Systems (IS) Auditor serves as a trusted advisor when assessing internal systems and controls, and is a key point of contact with external examiners. Identifies and verifies risks to systems and data, and ensure teams are cognizant of any...
-
SAP GRC/Security Consultant
6 days ago
Anywhere in India/Multiple Locations Kiash Solutions LLp Full timeOverview :We are seeking a skilled SAP GRC/Security Consultant with 4-7 years of experience to join our team. The ideal candidate will have extensive experience in SAP security and GRC (Governance, Risk, and Compliance) Access Control Application Management Services. The candidate should possess strong technical expertise, excellent communication skills, and...
-
SAP Security
2 months ago
India Sage IT India Full timeExpert in SAP Security and GRC Architecture - Experience in Leading Team and handle multiple parallel projects - Experience in Multiple Implementations - Excellent Business Communication - Must have knowledge on User Management, Role Management and GRC ARM request processing - Must have experience working in Support projects and ability to communicate with...
-
IT Information Security Analyst
3 weeks ago
india Marken Full timeDescription Job Title: Information Security Operations Analyst Location: Pune Main Purpose: The Information Security (InfoSec) Operations Analyst will be a critical member of the Information Security Operations team responsible for operational security activities and support for multi-vendor security platforms. You will...
-
IT Information Security Analyst
4 weeks ago
india Marken Full timeDescription Job Title: Information Security Operations Analyst Location: Pune Main Purpose: The Information Security (InfoSec) Operations Analyst will be a critical member of the Information Security Operations team responsible for operational security activities and support for multi-vendor security platforms. You will...
-
IT Information Security Analyst
6 days ago
India Marken Full timeDescription Job Title: Information Security Operations Analyst Location: Pune Main Purpose: The Information Security (InfoSec) Operations Analyst will be a critical member of the Information Security Operations team responsible for operational security activities and support for multi-vendor security platforms. You will actively...
-
Information Security GRC Senior Analyst
4 weeks ago
india IQ-EQ Full timeJob Description Responsibilities (how we will measure success) To provide second line support for all aspects of the Group’s Information Security strategy and arrangements encompassing cultural, physical and technology elements throughout the business, with the primary focus being on the security programme’s governance and oversight. ...
-
Information Security GRC Senior Analyst
6 days ago
India IQ-EQ Full timeJob Description Responsibilities (how we will measure success) To provide second line support for all aspects of the Group's Information Security strategy and arrangements encompassing cultural, physical and technology elements throughout the business, with the primary focus being on the security programme's governance and oversight. Working as part...
-
SAP Security
6 days ago
India Sage IT India Full timeExpert in SAP Security and GRC Architecture Experience in Leading Team and handle multiple parallel projects Experience in Multiple Implementations Excellent Business Communication Must have knowledge on User Management, Role Management and GRC ARM request processing Must have experience working in Support projects and ability to communicate with end users...
-
Cyber Security
3 weeks ago
India Sage IT India Full timeRelevant security certifications such as CISA, CISSP, CRISC or equivalent - Experience in conducting internal Information Security audits for a highly regulated industry - 3+ years of Cyber Security experience - Experience in attaining certifications or attestations such as ISO 27001, SOC report, PCI, etc. - Experience with Security Infrastructure Design...
-
Senior Information Security Analyst
6 days ago
India IQ-EQ Full timeJob Description Outline of responsibilities We are hiring an Information Security Analyst to work in our growing IT Security team. You will monitor our digital environment for security issues, respond to security requests, install and operate security software, and document any security issues or breaches you find. To do well in this role you should...