Job Description

Job Description

Insight Global is looking for a mid-senior level GRC Analyst for one of our clients to join their Information Security team. The GRC Analyst is responsible for coordinating the organization's information security compliance initiatives on a day-to-day basis.

Key Responsibilities:

Support and/or execute information security compliance initiatives such as audits, risk assessments, customer security questionnaires and other compliance tasks as needed.

Executing information security risk assessments of both current and prospective 3rd party vendors.

Reporting to vendor relationship owners and leadership of the risk presented by vendors, and formulating recommendations and requirements to respond to identified risks.

Tracking recommendations from risk assessments to completion.

Documentation of operational actions in the IT Service Management system/GRC

Interacting across functional teams to determine adherence with controls, policies and procedures.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:

Skills and Requirements

Must Haves:

Detail oriented and highly accurate in the performance of work tasks.

Ability to work with and be part of a core information security team.

Strong active listening skills and understanding of business problems in the context of information security.

Highly proficient in organizing and documenting information

Strong interpersonal skills to work with varying levels of the organization.

Excellent oral and written communication skills

Strong ability to prioritize work tasks.

Highly self-motivated

Strong desire to learn and understand information security principles, trends and actions.

Strong understanding of SOX (Sarbanes-Oxley) controls.

Strong understanding of major cybersecurity compliance obligations (PCI, GDPR) and frameworks (NIST, ISO)

Education & Experience:

Bachelor's degree in related field or equivalent work experience in related field with 1 - 3 years' experience within information security.

Experience with the performance of security assessments, audits, and documentation of results.

Experience with PCI, DFARS, GDPR and other compliance standards.

Project coordination or project management experience

Preferred experience in mid to enterprise sized companies

Demonstrated experience analyzing and interpreting business and Information Security language.

Job Tags

Similar Jobs