Esri
Sr. Information Governance Risk and Compliance Analyst
Esri, Redlands, California, us, 92375
Use your information security expertise in this exciting opportunity and help drive our Governance(GRC) program! You'll support our GRC efforts by performing technical assessments across the enterprise. Be part of the team that identifies risks and develops mitigation strategies to help ensure the success of the business. In return, you will enjoy amazing benefits and be part of exciting growth within the Enterprise Information Security Team!Responsibilities
Perform technical assessments on internal systems and projects for compliance to policies, standards, and other security framework requirements (800-53, 800-171, CMMC, HIPAA, CSF, SOC, RMF and similar)Conduct, review and report on these assessments, working with colleagues and the business for plans on reaching acceptable risk toleranceMaintain and manage to track assessment results, compliance status, risk tracking, and continuous monitoringIdentify, track, and provide solutions to mitigate data security issues as part of overall risk management process by partnering with infrastructure and operations and business units, then communicating solutions and verifying remediationParticipate in defining and implementing technical security policies, procedures, standards, and guidelines based on knowledge of best practices, technical requirements, and compliance requirementsDesign and collaborate on solutions to mitigate risks and enhance system securityProvide technical security advice and guidance to systems engineers and managementRequirements
5+ years of technical, hands-on engineering, risk management, and assurance/compliance experience in IT securityExperience with technical security assessments and compliance reviewsIn-depth technical knowledge of information security, security tools and systems, security control implementation, application security, and computer network access technologiesIn-depth technical knowledge of data protection and integrity; operating systems and network security; authentication; and security protocols, practices, and standardsStrong interpersonal and communication skills to work effectively with IT and business units; ability to bridge communications between technical IT team members and compliance team membersStrong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationshipsSelf-motivated and productive team player with ability to influence without authority and thrive in a dynamic environmentBachelor’s in computer science, information management, or related fieldUS citizenship and ability and willingness to obtain a security clearanceRecommended Qualifications
CISSP, CISA, GIAC, or equivalent certification, or ability to obtain
#J-18808-Ljbffr
Perform technical assessments on internal systems and projects for compliance to policies, standards, and other security framework requirements (800-53, 800-171, CMMC, HIPAA, CSF, SOC, RMF and similar)Conduct, review and report on these assessments, working with colleagues and the business for plans on reaching acceptable risk toleranceMaintain and manage to track assessment results, compliance status, risk tracking, and continuous monitoringIdentify, track, and provide solutions to mitigate data security issues as part of overall risk management process by partnering with infrastructure and operations and business units, then communicating solutions and verifying remediationParticipate in defining and implementing technical security policies, procedures, standards, and guidelines based on knowledge of best practices, technical requirements, and compliance requirementsDesign and collaborate on solutions to mitigate risks and enhance system securityProvide technical security advice and guidance to systems engineers and managementRequirements
5+ years of technical, hands-on engineering, risk management, and assurance/compliance experience in IT securityExperience with technical security assessments and compliance reviewsIn-depth technical knowledge of information security, security tools and systems, security control implementation, application security, and computer network access technologiesIn-depth technical knowledge of data protection and integrity; operating systems and network security; authentication; and security protocols, practices, and standardsStrong interpersonal and communication skills to work effectively with IT and business units; ability to bridge communications between technical IT team members and compliance team membersStrong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationshipsSelf-motivated and productive team player with ability to influence without authority and thrive in a dynamic environmentBachelor’s in computer science, information management, or related fieldUS citizenship and ability and willingness to obtain a security clearanceRecommended Qualifications
CISSP, CISA, GIAC, or equivalent certification, or ability to obtain
#J-18808-Ljbffr