Security Analyst (GRC Analyst) - SECAN24-14469
NavitsPartners Pompano Beach
Job Title: Security Analyst - Governance, Risk, and Compliance (GRC) Analyst
Job Family: Security Management
Job Variance: Advanced
Location: Boca Raton, FL, 33434
Job Family: Security Management
Job Variance: Advanced
Location: Boca Raton, FL, 33434
Duration: 12 months
Job Summary:
The Security Analyst - GRC will be responsible for the management, assessment, and mitigation of risks within the organization's information assurance and cybersecurity program. This role will lead the IT security risk and audit program, ensuring compliance with standards and frameworks such as NIST, ISO, PCI, and ISACA.The successful candidate will be responsible for performing information systems and business process risk assessments, identifying control weaknesses, and implementing mitigation strategies.
Key Responsibilities:
- Conduct PCI, SOC2, ISO, and cybersecurity control reviews to ensure compliance with security policies.
- Plan and assess IT security controls effectiveness, and manage remediation efforts for identified gaps.
- Develop and maintain the IT security risk and compliance matrix, performing management reporting on IT systems controls and business process risks.
- Maintain the Third Party Risk Management Program (TPRM) and analyze SOC-2 and other relevant reporting, mapping to key IT security controls such as NIST, PCI, and COBIT.
- Manage the IT security vulnerabilities management program in alignment with PCI and NIST standards.
- Identify and assess the value, sensitivity, and criticality of operations and assets that may be impacted by threats.
- Estimate potential losses from threats to critical assets and operations and suggest cost-effective mitigation actions.
- Track and verify remediation of audit findings and ensure compliance with audit standards such as ISACA.
- Document results, develop a plan of action, and create milestones to mitigate identified risks.
- Produce formal audit reports based on ISACA Audit Standards and promote compliance with PCI DSS and IT best practices.
Skills & Requirements:
- 7-10 years of IT audit experience (CISA certification preferred).
- 3+ years of experience in the IT risk management lifecycle.
- 3+ years of hands-on technical experience (e.g., developer, system administrator).
- Experience working with the NIST 800-30 Risk Assessment Standard.
- Extensive experience evaluating and designing IT General Controls.
- Advanced skills in business process mapping, documentation, and policy and procedure development.
- Knowledge of current cybersecurity threats and solid understanding of PCI DSS standards.
Education & Certifications:
- Bachelor's degree in Computer Science, Information Systems, Business Administration, or a related field (or equivalent work experience).
- Preferred certifications: CISA and CISSP.
NavitsPartnersFort Lauderdale, 8 mi from Pompano Beach
Job Title: Security Analyst - Governance, Risk, and Compliance (GRC) Analyst
Job Family: Security Management
Job Variance: Advanced
Location: Boca Raton, FL, 33434
Duration: 12 months
Job Summary:
The Security Analyst - GRC will be responsible...
Robert HalfBoca Raton, 10 mi from Pompano Beach
We are looking for a Security Analyst with a focus on Governance, Risk, and Compliance to join our team in Boca Raton, Florida. This role involves managing, assessing, and mitigating risks as part of our information assurance and cybersecurity...
RandstadBoca Raton, 10 mi from Pompano Beach
Experience level: Experienced
• Minimum 10 years of experience
• Education: No Degree Required (required)
skills:
• SECURITY ANALYST
• SECURITY
• SECURITY ENGINEER
• Cyber Security
• Risk Management
Equal Opportunity Employer: Race, Color, Religion, Sex...