IT GRC Analyst in La Porte, Texas

Description

POSITION SUMMARY:

This position will be responsible for the implementation and monitoring of General IT Controls for Mistras global operations. Will work closely with the IT Risk Manager and Director of IT Infrastructure and Security to implement General IT Controls and controls related to security and data privacy initiatives. Ensures regulatory requirements are being met for initiatives like SOX, NIST, DFARS, GDPR, and CCPA among others. Will be responsible for one, or parts of multiple, risk related projects.

The General IT Controls Analyst will be working with various parts of the business to implement controls related risk mitigation projects locally in the business. This position helps the Department operate efficiently and effectively by implementing controls and risk mitigations throughout regular operations.

MAJOR RESPONSIBILITIES/ACTIVITIES:

• Provides a high level of customer service to the business by ensuring proper operation of General IT Controls and championing data

privacy.

• Implements and monitors IT Controls, performs formal audits, and document their effectiveness.

• Participates in IT processes, such as Change Management and SOX compliance, reporting deficiencies to the IT Risk Manager.

• Performs and documents root cause analysis on control failures and recommends procedural changes where required.

• Leads various data privacy initiatives to meet legal or ethical requirements.

• Implements workflow in various areas, such as access management, change management, or privacy, which are auditable and effective.

• Ensures compliance within global operations in areas such as SOX, software licensing, Mistras policies, and IT policies.

• Conduct system risk & vulnerability assessments, validation testing, compliance reviews, and audits in line with NIST standards.

• Helps facilitate the comprehensive implementation of CMMC across designated MISTRAS labs.

• Supports CMMC, SOX, & SOC 2 audit processes.

• Reviews security standards, policies, and practices on an annual basis to make sure they meet various compliance frameworks.

• Assists the department in responding to inquiries from the business units about ongoing operational compliance.

COMPUTER SKILLS:

• MS Visio or other flow charting tools.

• MS Project or other project management tools.

• MS Office

• Knowledge of GRC tools and techniques

MINIMUM REQUIREMENTS:

• 3- 5 years of experience in a general IT function, preferably with process design experience.

• Must be able to document and analyze process flows.

• Strong interpersonal and time management skills.

• Strong understanding of Project Management concepts, budget, and critical path analysis.

• BS degree in Computer Science, Business Administration, or Accounting / Finance, or equivalent experience.

This job description reflects management’s assignment of essential functions; it does not prescribe or restrict the tasks that may be assigned.

#KT

MISTRAS Group, Inc. is committed to equal employment opportunity. Employment decisions including initial hiring and all matters involving the terms and conditions of employment will be made without regard to any protected class under applicable law. If hired, the employment relationship is “At-Will,” which means that employment can be terminated at any time, and for any reason, at the option of either the Company or the employee. Please direct questions about these policies to a MISTRAS Group, Inc. Human Resources representative.

By submitting & signing , I hereby understand and agree to the terms and conditions of employment as outlined above. I certify that the responses and information provided in this application (including any other supporting documentation such as a cover letter, resume, or transcript) are true and accurate to the best of my knowledge. I understand that misrepresenting or omitting information requested is cause for dismissal at any time, without notice. I hereby give the Company permission to contact schools, previous employers (unless otherwise indicated), references, and others disclosed in my application.

Note to Applicants:

Smoking is prohibited in all indoor areas of the Company. Employees may use designated smoking areas (if established) in accordance with applicable state and local law.

Rhode Island Applicants: The Company is subject to Chapters 29-38 of Title 28 of the General Laws of Rhode Island, and is therefore covered by the state’s workers’ compensation law.

Initial (if applicable): Massachusetts Applicants: I understand that it is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Initial (if applicable): Maryland Applicants: I UNDERSTAND THAT UNDER MARYLAND LAW, AN EMPLOYER MAY NOT REQUIRE OR DEMAND, AS A CONDITION OF EMPLOYMENT, PROSPECTIVE EMPLOYMENT OR CONTINUED EMPLOYMENT, THAT ANY INDIVIDUAL SUBMIT TO OR TAKE A POLYGRAPH OR SIMILAR TEST. AN EMPLOYER WHO VIOLATES THIS LAW IS GUILTY OF A MISDEMEANOR AND SUBJECT TO A FINE NOT EXCEEDING $100.

Mistras Group, Inc. is an Equal Opportunity Employer/Veterans/Disabled:

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)