Security GRC Analyst

Edify Technologies • boca raton, fl, us • 1m ago

Job Title: Security (GRC) Analyst

Job Location: Boca Raton, FL (Onsite)

Duration: 12 Months

About Edify

Headquartered in Naperville, IL, we are a dynamic team with over two decades of industry expertise, dedicated to delivering robust business solutions, staff augmentation, and a comprehensive range of application and web services. Recognized as one of INC. Magazine's Fastest Growing Private Companies, we're committed to empowering businesses with innovative technology solutions.

At Edify Technologies, we partner with customers globally, empowering them to enhance their technology footprint, reduce unnecessary costs, develop sustainable IT solutions, and gain a competitive edge in today's digital world. We believe in creating an impact through innovation, driving tangible results that propel businesses forward.

Job Responsibilities:

Perform PCI, SOC2, ISO, and applicable client's cybersecurity controls-related reviews to ensure that current, new, and technology infrastructure complies with these standards and Department’s security policies.
Plan and perform IT security controls effectiveness. Manage remediation efforts for the identified gaps including assessment of new or enhanced implemented controls.
Maintain IT security risk and compliance matrix and performs management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies
Maintain Third Party Risk Management Program (TPRM) and analyze SOC-2 and other reporting including mapping to key IT security and compliance controls such as NIST, PCI, and COBIT.
Manage IT security vulnerabilities management program aligned with PCI and NIST standards.
Identifying and ranking the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize to determine which operations and assets are the most important.
For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs.
Identifying cost-effective actions to mitigate and reduce risk. These actions can include implementing new organizational policies and procedures as well as the design of technical or physical controls.
Coordinating, tracking, and verifying remediation of audit findings.
Documenting the results and developing a plan of action and milestones for mitigating any identified risk.
Produce formal audit reports based on ISACA Audit Standards.
Promotes compliance with regulatory requirements (e.g. PCI DSS) and IT best practices.

GRC Risk Analyst Skills & Requirements:

7-10 years of IT Audit experience (CISA certified preferred)
3 years of IT Risk Management lifecycle experience
3 years of hands-on technical experience (e.g. developer, system administrator)
Experience working with NIST 800-30 Risk Assessment Standard
Extensive experience with IT General Controls evaluation and design
Advanced skill level in business process mapping and documentation as well as policy and procedure development
Recent experience in Information Security with up-to-date knowledge of the current threat landscape.
Solid understanding of PCI DSS standards

Education and Certifications:

Bachelor‘s Degree in Computer Science, Information Systems, Business Administration, or other related field and/or equivalent work experience.
CISA and CISSP certifications (preferred).

We Believe in Diversity & Inclusion:

As a minority-owned company, we deeply value and prioritize inclusion and diversity within our organization. We believe that a diverse and inclusive workforce fosters innovation, creativity, and empathy, leading to a richer and more rewarding work environment. We are committed to cultivating a workplace where every team member feels valued, respected, and empowered to contribute their unique perspectives and talents. Join us and be a part of a team that celebrates diversity, cherishes different perspectives, and fosters a collaborative and supportive community.

#InclusionAndDiversity #Empowerment #EdifyTechnologies #JoinOurTeam #Hiring