IT Security and Compliance Analyst

Reporting to the IT Security and Compliance Manager, the IT Security and Compliance Analyst is responsible for supporting the implementation and oversight of cybersecurity programs and incident management, Identity and Access Management systems, IT audit controls and discovery related to investigations.The position is also responsible for supporting the IT emergency response program, disaster recovery and business continuity planning.The incumbent will provide advice and guidance to peers within the IT organization around all topics related to IT security and will collaborate with both internal and external stakeholders to ensure cybersecurity standards are met and the company's systems remain secure from both internal and external threats.RESPONSIBILITIES:Manage and maintain on-prem / cloud-based directory services, identity and access management (IAM) systems, and related technologies to ensure efficient and secure user authentication, authorization, and directory services operationsMonitor and analyze security events and incidents, investigate and respond to security incidents, and conduct investigations to determine the root cause and extent of security breaches. Tracking progress through to resolutionDevelop and implement incident response plans and procedures to minimize the impact of security incidentsConduct risk assessments to identify vulnerabilities and weaknesses in IT systems, networks, and applications. Evaluate risks and work with IT teams to implement appropriate security controls and safeguards to mitigate risks and protect critical assetsEnsure compliance with relevant laws, regulations, and industry standards, such as GDPR, ITIL and ISO 27001. Develop existing policies, procedures, and controls to meet current and future regulatory requirements and maintain compliance posture, such as for the impending EASA Part-IS requirementConduct security awareness training programs for employees to educate them on security best practices, policies, and procedures. Provide guidance and support to IT teams and business units on security-related mattersCoordinate and participate in security audits and assessments, both internal and external, to evaluate the effectiveness of security controls and ensure compliance with policies, procedures, and standardsPrepare reports on security incidents, investigations, risk assessments, and compliance status. Maintain documentation of security controls, policies, procedures, and standards for auditing and reporting purposesQUALIFICATIONS:Bachelor's degree in computer science or related field with 3+ years of experience in a similar roleCISM and/or CISSP certification preferred, strong ADDS knowledge also considered.Knowledge of Sarbanes Oxley (SOX) General IT ControlsKnowledge of ITIL and Change Management conceptsCritical thinking - ability to use logic and reasoning to identify the strengths and weaknesses of alternative solutions or approaches to resolving problems.Demonstrated experience participating in cross-functional project teamsAbility to adjust and set priorities to meet project deadlinesStrong written and verbal communication skillsGood understanding of SOX and General Computer ControlsExperience with managing third party technology and outsourced service providersAbility to work effectively in a professional manner with technology staff, business stakeholders, end users, management and others outside the organization, including OEMs and technology service providersBristow Group is an Equal Opportunity Employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.