JobRialto

GRC Security Analyst

JobRialto, Charlotte, North Carolina, United States, 28245


Role Description:

Conduct Application Risk Assessments to evaluate compliance with Policy and identify risks related to application access control

Develop compliance strategies and provide compliance consultation and risk assessment services to several areas of business within the company.

Develop and implement remediation strategies to mitigate risks associated with the Confidentiality, Availability, and Integrity of data

Validation of controls implemented by application teams to mitigate identified access control related risks

Provide regular status updates to the Project Owner and the IPO Leadership, informing of the effectiveness of data security controls and offering recommendations for the adoption of new procedures, standards, and / or policies

Provide strategic and tactical direction and consultation on Information Security and IT Compliance to Business areas

Develop risk management strategies that align with business goals and protect the confidentiality, integrity and availability of information systems and data.

Identify and communicate recommended security and business continuity controls and control deficiencies to business units.

Define, identify and classify information assets, assess threats and vulnerabilities regarding those assets, as well as recommend appropriate information security controls and measures

Qualified candidates will be responsible for meeting milestones of the plan throughout the engagement.

This role entails moderate to high levels of risk, accountability and responsibility for the mitigation of risk to the company's confidential data.

Experience in security with a proficiency in a risk management framework with the ability to assess administrative and technical controls.

Information security, information technology, IT controls assessment or technology risk management related work experience.

Add'l Notes/Details:

The Security GRC Analyst develops and implements policies, controls and procedures to protect information system assets from intentional or inadvertent modification, disclosure or destruction.

Provides guidance and direction for the protection of information systems and assets to other business units.

Proactively assesses third parties that Client works with to ensure the confidentiality and security of Client data.

Monitors the effectiveness of data security measures and provides support on information security issues, systems, processes, products and services.

Identifies elements to support strategic security objectives across the enterprise and actively promotes security awareness.

Education:

Bachelor's Degree