- Drive internal control effectiveness through internal control monitoring, enhancements, and providing thought leadership on control design, operations, and supporting processes and policies.
- Keep abreast of regulatory and industry developments and advise leadership on the potential impact on the program strategy and plans.
- Perform security compliance readiness assessments and provide updates, recommendations, and roadmap to senior management.
- Advise, educate, and train process and control owners with the preparation and ongoing maintenance of controls and control documentation (e.g., policies, procedures) to better understand the security controls framework and their responsibilities.
- Recommend, develop, and manage the information security risk register, including the definition and reporting on key risk indicators (KRIs) and key performance indicators (KPIs).
- Work closely with Information security team members to identify, manage, and monitor risks and their associated remediation activities related to incidents, vulnerabilities, patching anomalies, penetration testing deficiencies, phishing campaigns, security architecture review exceptions, and security posture ratings.
- Define, develop, and implement capabilities to manage third-party cybersecurity risks.
- Manage review, testing, and improvements to business continuity plans.
- Maintain the policy repository and support effective policy communication.
- Proactively identify gaps or conflicts in existing policies and processes and work to develop solutions with internal business partners.
- Advise policy owners on the preparation, communication, and ongoing maintenance of policies to help them better understand policy management and their responsibilities.
- Assist in designing, implementing, training, and standardizing security controls for processing, storing, and transmitting sensitive data.
- Advise data owners on the data classification, labeling, retention, and deletion requirements to help them better understand data governance and their responsibilities.
- Drive remediation and risk mitigation activities, including root cause analysis, and owning the design, tracking, and progress of action plans across security compliance, policy, or process gap remediation activities and risk mitigation activities in partnership with internal business partners.
- Effectively communicate program and project execution status, program health and effectiveness, key accomplishments, and risks to our Security Management and business partners.
- Advanced understanding of security concepts and practical usage.
- Advanced experience in policy and data management.
- Strong understanding of risk management, business resiliency, business continuity, and disaster recovery for a SaaS/cloud-native organization.
- Strong understanding and practical experience working with amongst others, NIST cyber framework, HITRUST.
- Familiarity with Governance Risk Compliance (GRC) tools.
- 4+ years of experience in cyber security, technology risk, GRC, and/or technical compliance roles.
- Experience preferably in technology or SaaS/Cloud.
- Functional knowledge of key security domains: security and risk management, asset security, security architecture and engineering, network security, identity and access management, security operations and software development security.
- Proven security experience in an audit or advisory capacity preferred.
- Bachelor's degree or equivalent work experience with at least 5 years of Risk.
- Assurance/Compliance and or Information Security experience required.
- CRISC, CISSP, CPA, CISA, PMP, CISM certification(s) preferred.
-
Senior GRC Analyst
4 days ago
TalentRemedy Washington, United StatesThe GRC team facilitates the Information Security and data governance processes, enables risk-based decision-making, and delivers a compliance foundation to achieve and maintain compliance certifications. In this role, the · Sr. GRC Analyst · will help evolve, mature, and grow ...
-
Senior IT GRC Compliance Analyst
2 weeks ago
Integrated DNA Technologies Washington, United StatesIntegrated DNA Technologies (IDT) is the leading manufacturer of custom oligonucleotides and proprietary technologies for genomics applications. Our work is complex and cutting-edge, and our team members are curious, creative thinkers who understand that good data drives smart de ...
-
Identity and Access Management Analyst
5 days ago
Expression Washington, United StatesExpression is looking for an Identity and Access Management Analyst (Oracle OIM-OAM) to join our team. The position is 100% remote. · Responsibilities include: · Performs various Identity and Access Management services to ensure the confidentiality, availability, integrity and ...
-
Information Security Analyst
1 week ago
Insight Global Washington, United StatesJob Description · A federal IT services client of Insight Global is looking for 4 Information Security Analysts to join their team in Washington, DC. This role is primarily remote, with onsite requirements as needed. Personnel must be eligible for a Public Trust. · The Intermedia ...
-
Information Security Analyst
2 weeks ago
Insight Global Washington, United StatesA federal IT services client of Insight Global is looking for 4 Information Security Analysts to join their team in Washington, DC. This role is primarily remote, with onsite requirements as needed. Personnel must be eligible for a Public Trust. · The Intermediate Information Se ...
-
Sr. Cybersecurity Analyst
1 week ago
RightDirection Technology Solutions LLC Washington, United StatesRDTS is in need of a Sr. Cybersecurity Analyst to support the U.S. Dept of Treasury in Washington, D.C. · Requirements · Required Experience: · Vulnerability analysis · Experiencing performing security analysis of operation and development environments, threats, vulnerabiliti ...
-
Governance, Risk,
2 weeks ago
Tik Tok Washington, United StatesResponsibilities · TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices including Los Angeles, New York, London, Paris, Berlin, Dubai, Singapore, Jakarta, Seoul and Tokyo. · Why Join Us · C ...
-
Information Systems Security Analyst
4 days ago
Summit Technologies Washington, United StatesSummit Technologies Inc. is seeking an Information Systems Security Analyst to support our government client. The Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development. ...
-
Senior Information Sysems Security Analyst
4 days ago
Summit Technologies Washington, United StatesSummit Technologies Inc. is seeking a Senior Information Systems Security Analyst to support our government client. The Senior Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response ...
-
Senior Information Security Analyst
2 weeks ago
Insight Global Washington, United StatesA federal IT services client of Insight Global is looking for 2 Senior Information Security Analysts to join their team in Washington, DC. This role is primarily remote, with onsite requirements as needed. Personnel must be eligible for a Public Trust. · The Senior Information As ...
-
Information System Security Officer Lead
2 days ago
SAIC Washington, United States· SAIC is looking for an experienced Information System Security and Privacy Officer (ISSPO) to join our team supporting an important US government agency in the National Capital Region. This is an exciting opportunity to work with a team responsible for IT Security Governance, ...
-
ServiceNow Software Engineer
1 week ago
Beyond20 Washington, United StatesBeyond20 is looking for individuals with junior level ServiceNow Developer experience to support customer environment operations. The ServiceNow Junior Developer is a technical resource that possesses ServiceNow administration capability and can design, build, and customize Servi ...
-
ba/scrum master
12 hours ago
Expert In Recruitment Solutions Washington, United StatesBA/SCRUM MASTER · 3 days on site in DC · Responsibilities: · The Scrum Master/Business Analyst will serve as a dedicated team member who has the primary responsibility to support their self-organizing, self-managing team successfully achieving their daily, iteration, and release ...
-
Information Systems Security Officer
1 week ago
DANASTAR Professional Services, LLC Washington, United StatesDANASTAR is currently seeking talented, experienced Information System Security Officers (ISSO) for an exciting position supporting one of our premier clients. Our project is aimed at establishing cutting-edge techniques for network defense, identifying threats and detecting mali ...
-
Senior Information Systems Security Analyst
6 days ago
SAIC Washington, United States· SAIC is looking for a Senior Information Systems Security Analyst to join our team supporting an important US government agency in the National Capital Region. This is an exciting opportunity to work with a team responsible for IT Security Risk and Compliance support by provid ...
-
Senior Information Systems Security Analyst
4 days ago
SAIC Washington, United StatesDescription · SAIC is looking for a Senior Information Systems Security Analyst to join our team supporting an important US government agency in the National Capital Region. This is an exciting opportunity to work with a team responsible for IT Security Risk and Compliance suppor ...
-
Finance Operational Risk Management
1 week ago
Fannie Mae Washington, United StatesAt Fannie Mae, futures are made. The inspiring work we do helps make a home a possibility for millions of homeowners and renters. Every day offers compelling opportunities to impact the future of the housing industry while being part of an inclusive team thriving in an energizing ...
-
Security Analyst
1 week ago
Gen3 Technology Consulting Washington, United StatesAbout us: · Gen3 Technology Consulting is an SBA-certified Woman-Owned Small Business (WOSB) providing a diverse set of technology services and solutions to federal and commercial clients. Founded in 2017, Gen3 leverages over 25 years of information technology management and le ...
-
Business Analyst
2 weeks ago
Mindlance Washington, United StatesTitle: Business Analyst · Location: Washington, DC (Hybrid Onsite: 4 days onsite per week from Day 1) · Video Interview · Background: · MIGA IT Strategy has been focused on Modernizing current MIGA IT landscape to leverage latest technologies and cloud platform capabilities ...
-
Security Analyst
2 weeks ago
Gen3 Technology Consulting Washington, United StatesAbout us:Gen3 Technology Consulting is an SBA-certified Woman-Owned Small Business (WOSB) providing a diverse set of technology services and solutions to federal and commercial clients. Founded in 2017, Gen3 leverages over 25 years of information technology management and leaders ...
Senior GRC Analyst - Washington, United States - TalentRemedy
Description
The GRC team facilitates the Information Security and data governance processes, enables risk-based decision-making, and delivers a compliance foundation to achieve and maintain compliance certifications. In this role, the Sr. GRC Analyst will help evolve, mature, and grow our GRC program.
Responsibilities:
Skills:
Experience:
Education: