Are you passionate about information security and data protection? We are looking for a security and privacy analyst to join our team. In this role, you will play a key role in strengthening our security posture by participating in risk assessment, managing our Governance, Risk, and Compliance (GRC) systems, and ensuring that we comply with the highest industry standards (ISO27001, SOC2, PCI, etc.). If you have experience in security, auditing, and a proactive approach to problem solving, this is the perfect role for you. Join us and help us protect our information and that of our customers.
Responsibilities:
● Participates in the planning and conducts security and privacy risk assessments to examine and verify security capabilities, behaviors, and controls for authentication, authorization, integrity, availability, assurance, audit, and disposal of client’s information assets including determining exposure and compliance levels.
● Maintains the enterprise Governance Risk and Compliance (GRC) systems for the security department. Establishes continuous monitoring capabilities, report on key performance indicators, identify, track and monitor control exceptions. Participates in evidence gathering for all audit activities.
● Contributes to security and privacy third-party risk assessments which identify threats, consequences, and vulnerabilities to the business assets, products, and services. Ensures adequate security processes and solutions are in place to mitigate or remediate identified risks sufficiently to meet business objectives, contractual, and/or regulatory requirements.
● Drives the development and/or compliance of enterprise and business group information security and privacy policies to protect client’s information assets, intellectual property, and privacy data. Documents security procedures, maintains the cyber risk registry and reports on continual improvement efforts. Complete security reviews of products or solutions under evaluation by the business or in design phases.
● Help maintain and assist in continuous improvement of enterprise certifications including ISO27001, ISO27701, SOC2, and PCI.
● Assists in the preparation of quarterly presentations for senior management.
● Follows up with the compliance team to resolve potential issues.
● Assist in analyzing and determining what impact changes to products or laws will have on the company and how the company administers business.
Requirements:
● 1 – 3 years of experience working with security teams and stakeholders (required)
● 1 – 3 years of experience working with audit and compliance activities (required)
● CISM – Certified Information Security Manager Security Program Fundamentals and Management within 1 – 1/2 years (preferred)
● Advance English level.
● Bachelor’s Degree Business or related field (preferred)
Great, just keep talking to your recruiter.
Apply for this position
If you are already talking to a recruiter from CONEXIONHR, DON'T FILL THE FORM.
