Information Security Grc Advisor

Overview:
Quest has an opportuniity for an Informaiton Security GRC Sr. Analyst to join our team

**Responsibilities**:

- Ensure compliance with industry regulations and working with independent, external auditors to demonstrate such compliance to achieve certification of compliance
- Stay abreast of industry requirements for certifications relevant to Quest business
- Maintain in-depth knowledge of certifications and controls such as ISO2700X, PCI-DSS, SOC1 and SOC2
- Collaborate with legal to maintain and improve our privacy compliance program
- Develop control definitions and pass criteria for compliance
- Interview internal resources and review process documentation to assess compliance with established controls and identify gaps
- Work with other teams to identify solutions for compliance gaps
- Track compliance gaps and ensure work to remediate gaps meets deadlines
- Conduct periodic reviews of security and privacy policies and procedures
- Conduct periodic reviews of vendors’ certifications and compliance
- Organize and present audit documents for review with external auditors
- Conduct internal audits to identify risks and manage risk-tracking efforts
- Create and deliver training to employees on compliance topics
- Define and monitor metrics on compliance progress
- Drive innovation to improve compliance effectiveness and efficiency
- Prepare customer-facing materials on compliance efforts
- Meet with customers to resolve concerns related to privacy, security, and compliance
- Manage the completion of customer security questionnaires
- Respond to customer inquiries on compliance related matters

Qualifications:

- Previous experience as a compliance analyst in a related field
- Experience with certifications, standards, and regulations such as ISO2700X, PCI-DSS, SOC1, SOC2, CCPA, and GDPR
- Experience with information security principles/practices
- Experience with privacy principles/practices
- Some experience with software development practices
- Passionate about security, privacy, and compliance
- Self-motivated, quick learner, fast researcher
- Excellent written and verbal communication skills
- Education or Certification in Information Systems, Management Information Systems or Computer Science or related field

**Preferred**
- Bachelor’s degree in a related field or related work experience
- Knowledge of industry cloud technologies
- 7+ years work experience within the software industry with practical experience working in compliance
- Professional Certifications such as CIPP (Certified Information Privacy Professional), CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information System Auditor), CISSP (Certified Information Security Professional) or CISM (Certified Information Systems Manager) i

**Company Description**

At Quest, we create and manage the software that makes the benefits of new technology real. Companies turn to us to manage, modernize, and secure their business, from on-prem to in-cloud, from the heart of the network to the vulnerable endpoints. From complex challenges like Active Directory management and Office 365 migration to database and systems management to redefining security, and hundreds of needs in between, we help you conquer your next challenge now.

We’re not the company that makes big promises. We’re the company that fulfills them.

We’re Quest: Where Next Meets Now.

**Why work with us**
- Life at Quest means collaborating with dedicated professionals with a passion for technology.
- When we see something that could be improved, we get to work inventing the solution.
- Our people demonstrate our winning culture through positive and meaningful relationships.
- We invest in our people and offer a series of programs that enable them to pursue a career that fulfills their potential.
- Our team members’ health and wellness is our priority as well as rewarding them for their hard work.
- Come join us. For more information, visit us on the web at _Quest Careers | Where next meets now. Join Quest.