Job Description

OVERVIEW

The IT Analyst, Cybersecurity Compliance will be responsible for ensuring the confidentiality, integrity, and availability of our data and systems including compliance with relevant security regulations and standards. You work with teams across the organization to identify and mitigate cybersecurity compliance risks and manage reporting on cybersecurity compliance to both internal and external stakeholders. You document the organization\'s cybersecurity compliance posture in written reports, manage compliance efforts to meet both internal and external deadlines, and help prioritize the most critical compliance gaps to be addressed first.

OPPORTUNITY HIGHLIGHTS

• Provide compliance, risk, and controls expertise to support information security and compliance initiatives.
• Implement ISMS with the support and coordination of executive and mid-level management.
• Work collaboratively with internal and external auditors to ensure security controls are consistent with expectations and leading practices.
• Maintain and improvement of compliance with security regulations and standards by working with various stakeholders within the organization.
• The Compliance analyst will be responsible for maintaining the standards in compliance with standard frameworks such as the NIST Cyber Security Framework but not limited to the same.
• Collect evidence for internal audits and maintain a library of evidence to support external audit requirements.
• Document and work towards standardization and publishing of policy and controls across the organization.
• Ensures that various security assessment questionnaires are fulfilled and provide Inputs for compliance requirements.
• Render security compliance advice to internal stakeholders and liaise with systems architects and business managers preparing Security Management Plans for bids and projects.
• Delivery of and reporting on the status of all IT audit recommendations.
• Adhere to and champion policies, guidelines and procedures pertaining to the protection of information assets.
• Other GRC related duties too.

SKILLS & QUALIFICATIONS:

• 5+ years of progressive cybersecurity experience
• A minimum 2+ years of experience in regulated industry, audits, policy documentations, familiarity with audits and ISO 27001, NIST 800-53 and other regulatory frameworks.
• Security+, CEH, ISO 27001, certifications are desirable.
• Bachelor\'s degree in security management, criminal justice, or a related field.
• Experience analyzing regulatory and contract compliance (including RFI/RFP).
• Familiar with Windows, Linux, Unix systems, network, and host security technologies
• Strong knowledge of security principles, policies, and procedures.
• Strong analytical and problem-solving skills.
• Excellent communication skills.
• Ability to work well under pressure and in a fast-paced environment.
• Knowledge of emerging technologies.
• Experience in working in global organizations.
• Excellent interpersonal, verbal, and written communication skills.
• Ability to multi-task and work independently, as well as work collaboratively with teams, some of which may be geographically distributed.
• Expert knowledge of Agile methodologies.
• Good experience using presentation and management tools.

OUR VALUES:

WE ARE PASSIONATELY COMMITTED TO LEADERSHIP, LEARNING, AND SUCCESS. WE EMBRACE EVERY OPPORTUNITY TO SERVE OUR CUSTOMERS AND EACH OTHER AS:

• ONE TEAM
• OPEN AND RESPECTFUL
• CURIOUS
• AGILE
• TRUE

Skillsoft