Cybersecurity Analyst, Governance, Risk and Compliance
Manager, Cybersecurity Governance, Risk and Compliance
Overland Park, KS – 100% Remote
12 Mos. Contract, Expecting Extensions
Commensurate with 1-2 Year Level of Experience
Prefer W2 or 1099 – Benefits Available for W2
Level of Experience: Junior to Mid Level
Minimum of 1 year of IT or Information Security experience. Beginner experience with GRC technologies, such as Archer, MetricStream, ServiceNow, etc. Help support internal and external audits such as annual SOX, PCI DSS, HIPAA, ISO. One or more related certifications obtained or in process (e.g., ISC2, ISACA, SANS GIAC, CompTIA Security+, ITIL, etc.)
The Cybersecurity Analyst reports to the Cybersecurity Manager. The Cybersecurity Analyst provides a variety of operational, compliance, and consultative functions. This position helps implement, manage, and monitor technical and administrative controls to protect the confidentiality, integrity, and availability of the organization’s information assets. The Cybersecurity Analyst will work closely with other members of the GRC team and the extended Cybersecurity team to support various initiatives across the company's cyber security program.
- Collaborate across Cybersecurity and IT organization to obtain and share knowledge broadly
- Follow defined processes to deliver quality services in a timely manner to the customer
- Support the GRC team with the implementation and maintenance of compliance requirements across the company's cyber security program
- Support internal and external audits such as annual SOX, PCI DSS, HIPAA, ISO and similar
- Support the risk management program by facilitating the risk identification process and tracking the resolution of findings from internal/external audits, security testing and other control assessments.
- Support the development of technical standards and procedures for IT and business units related to the secure configuration and management of technology
- Support the implementation and maintenance of the company's security awareness program, including execution of regular phishing assessments, awareness training and other activities
Experience and Education Requirements:
- Minimum of 1 year of IT or Information Security experience
- Bachelor's degree in information systems or equivalent work experience
- A strong customer/client focus, with the ability to manage expectations appropriately, to provide a superior customer/client experience and build long-term relationships
- Ability to interact with personnel at all levels and across all business units and organizations, and to comprehend business imperatives
- Strong written and verbal communication skills
- Attention to detail to output high-quality work products
- Experience with developing, documenting and maintaining policies, processes, procedures and standards.
- Experience with developing and delivering elements of a security awareness program.
- Beginner experience with GRC technologies, such as Archer, MetricStream, ServiceNow, etc. preferred
- One or more related certifications obtained or in process (e.g. ISC2, ISACA, SANS GIAC, CompTIA Security+, ITIL, etc.)