Job Description
osition: GRC Analyst
Location: Remote
Duration: 6+ Contract
Position Description and Responsibilities:
Collect and analyze data across multiple platforms to map controls designed and implemented to Company policies and standards
Collaborate with existing GRC teams to integrate existing security policies and GRC platforms into a single combined entity
Develop policy and other governance material to address Company cyber security requirements
Conduct audits, reviews, and assessments to measure and report security control gaps against Company policy and other requirements determined by management and provide actionable recommendations to bridge the gaps identified.
Develop reports, dashboards, and visualizations to monitor key metrics that measure the effectiveness of the security controls implemented by the Architect and engineers
Skills and Experience:
Solid verbal and written communication skills, including advanced level in policy and procedure development
Demonstrable experience gathering data from diverse groups, analyzing and mapping business processes and documentation to determine cybersecurity control status and identify gaps
Ability to document actionable recommendations to bridge gaps identified, minimize risk, and address control requirements
Extensive experience with cybersecurity frameworks, such as CIS Controls and NIST CSF and IT controls evaluation and design
Ability to maintain focus on solving complex issues in terms of risk reduction and their relationships to Company policies and adopted cybersecurity frameworks
Ability to coordinate and manage remediation efforts for the identified cybersecurity gaps, including assessment of new or enhanced implemented controls Best Regards