cyber security – governance risk compliance (grc) analyst in boca raton, Florida

hiring-jobs.com

cyber security – governance risk compliance (grc) analyst.

  • boca raton , florida

  • posted 1 day ago

job details

summary

  • $60 – $70 per hour

  • contract

  • no requirements

  • category computer and mathematical occupations

  • reference1067521

job details

job summary:

Job Summary:

The management, assessment, and mitigation of risks are fundamental components of our information assurance and cyber security program. This position leads the IT security risk and audit program for information systems security using generally accepted standards and frameworks for IT audit and risk management (e.g., NIST, ISO, PCI, and ISACA). The position is responsible for the development and implementation of the IT security risk and audit strategy that perform information systems and business process risk assessments and evaluate the effectiveness of technical, physical, and administrative controls to identify control weakness. This individual will interface with the Security Operations, IT Operations, and various business units to:

? Perform PCI, ISO, COBIT, and applicable State of Florida cybersecurity controls-related reviews to ensure that current, new, and technology infrastructure complies with these standards and Department’s security policies.

? Plan and perform IT security controls effectiveness quarterly reviews. Manage remediation efforts for the identified gaps including assessment of new or enhanced implemented controls.

? Maintain IT security risk and compliance matrix and performs management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies.

? Maintain Third Party Risk Management Program (TPRM) and analyze SOC-2 and other reporting including mapping to key IT security and compliance controls such as NIST, PCI, and COBIT.

? Manage IT security vulnerabilities management program aligned with PCI and NIST standards.

? Identifying and ranking the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and assets are the most important.

? For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs.

? Identifying cost-effective actions to mitigate and reduce risk. These actions can include implementing new organizational policies and procedures as well as the design of technical or physical controls.

? Coordinating, tracking, and verifying remediation of audit findings.

? Documenting the results and developing a plan of action and milestones for mitigating any identified risk.

? Produce formal audit reports based on ISACA Audit Standards.

? Promotes compliance with regulatory requirements (e.g. PCI DSS) and IT best practices.

GRC Risk Analyst Skills & Requirements:

? 7-10 years of IT Audit experience (CISA certified preferred)

? 3 years of IT Risk Management lifecycle experience

? 3 years of hands-on technical experience (e.g. developer, system administrator)

? Experience working with NIST 800-30 Risk Assessment Standard

? Extensive experience with IT General Controls evaluation and design

? Advanced skill level in business process mapping and documentation as well as policy and procedure development

? Recent experience in Information Security with up-to-date knowledge of the current threat landscape.

? Solid understanding of PCI DSS standards

Education and Certifications:

? Bachelor’s Degree in Computer Science, Information Systems, Business Administration, or other related field and/or equivalent work experience.

? CISA and CISSP certifications (preferred).

location: Boca Raton, Florida

job type: Contract

salary: $60 – 70 per hour

work hours: 8am to 5pm

education: No Degree Required

responsibilities:

Job Summary:

The management, assessment, and mitigation of risks are fundamental components of our information assurance and cyber security program. This position leads the IT security risk and audit program for information systems security using generally accepted standards and frameworks for IT audit and risk management (e.g., NIST, ISO, PCI, and ISACA). The position is responsible for the development and implementation of the IT security risk and audit strategy that perform information systems and business process risk assessments and evaluate the effectiveness of technical, physical, and administrative controls to identify control weakness. This individual will interface with the Security Operations, IT Operations, and various business units to:

? Perform PCI, ISO, COBIT, and applicable State of Florida cybersecurity controls-related reviews to ensure that current, new, and technology infrastructure complies with these standards and Department’s security policies.

? Plan and perform IT security controls effectiveness quarterly reviews. Manage remediation efforts for the identified gaps including assessment of new or enhanced implemented controls.

? Maintain IT security risk and compliance matrix and performs management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies.

? Maintain Third Party Risk Management Program (TPRM) and analyze SOC-2 and other reporting including mapping to key IT security and compliance controls such as NIST, PCI, and COBIT.

? Manage IT security vulnerabilities management program aligned with PCI and NIST standards.

? Identifying and ranking the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and assets are the most important.

? For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs.

? Identifying cost-effective actions to mitigate and reduce risk. These actions can include implementing new organizational policies and procedures as well as the design of technical or physical controls.

? Coordinating, tracking, and verifying remediation of audit findings.

? Documenting the results and developing a plan of action and milestones for mitigating any identified risk.

? Produce formal audit reports based on ISACA Audit Standards.

? Promotes compliance with regulatory requirements (e.g. PCI DSS) and IT best practices.

GRC Risk Analyst Skills & Requirements:

? 7-10 years of IT Audit experience (CISA certified preferred)

? 3 years of IT Risk Management lifecycle experience

? 3 years of hands-on technical experience (e.g. developer, system administrator)

? Experience working with NIST 800-30 Risk Assessment Standard

? Extensive experience with IT General Controls evaluation and design

? Advanced skill level in business process mapping and documentation as well as policy and procedure development

? Recent experience in Information Security with up-to-date knowledge of the current threat landscape.

? Solid understanding of PCI DSS standards

Education and Certifications:

? Bachelor’s Degree in Computer Science, Information Systems, Business Administration, or other related field and/or equivalent work experience.

? CISA and CISSP certifications (preferred).

qualifications:

  • Experience level: Experienced

  • Minimum 10 years of experience

  • Education: No Degree Required (required)

skills:

  • SECURITY ANALYST

  • SECURITY

  • SECURITY ENGINEER

  • Cyber Security

  • Risk ManagementEqual Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.Pay offered to a successful candidate will be based on several factors including the candidate’s education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including health, an incentive and recognition program, and 401K contribution (all benefits are based on eligibility).This posting is open for thirty (30) days.







To help us track our recruitment effort, please indicate in your cover/motivation letter where (hiring-jobs.com) you saw this job posting.

Share

Production Technician – Hiring Now

Job title: Production Technician - Hiring Now Company Elwood Staffing Job description ) Referral Bonus…

5 mins ago

Solutions Architect (Cross-Geo)

Job title: Solutions Architect (Cross-Geo) Company Databricks Job description build the Databricks community in your…

6 mins ago

Assistant Company Secretary

Job title: Assistant Company Secretary Company Monzo Job description 🚀 We're on a mission to…

17 mins ago

Accounts Payable Administrator

Job title: Accounts Payable Administrator Company FirstService Residential Job description About FirstService Residential:FirstService Residential transforms…

25 mins ago

Immediate Hire – No Exp Required – Work From Home Recruiter

Job title: Immediate Hire - No Exp Required - Work From Home Recruiter Company DriveLine…

30 mins ago

Leisure and Hospitality Valuation Surveyor

Job title: Leisure and Hospitality Valuation Surveyor Company EC Property Recruitment Job description A leading…

36 mins ago
For Apply Button. Please use Non-Amp Version

This website uses cookies.