- Develop and maintain the company's governance, risk, and compliance program.
- Assess and document the company's compliance and risk posture regarding information assets.
- Develop policies, procedures, standards, guidelines, and controls to ensure compliance with applicable laws, regulations, and industry best practices.
- Work with internal stakeholders to ensure effective implementation of policies, procedures, standards, guidelines, and controls.
- Collaborate with external auditors to ensure compliance with applicable laws, regulations, and industry best practices.
- Lead pen testing and remediation activities.
- Manage vendor risk.
- Provide guidance on audit responses.
- Assess computer hardware, software, and systems for security risks or violations.
- Stay updated with institutional goals, objectives, and progress.
- Participate in institutional sponsored activities and initiatives.
- Support change initiatives within the organization.
- Adhere to all federal and state compliance requirements and regulations.
- Communicate compliance requirements effectively and escalate concerns promptly.
- Bachelor's degree in computer science or related field.
- 7+ years of experience in Information Security.
- Experience with application pen testing, tracking, and reporting.
- Experience developing governance, risk, and compliance programs.
- Ability to influence and assist in developing processes, policies, controls, and metrics for compliance.
- Strong knowledge of information security principles, best practices, and frameworks.
- Excellent problem-solving skills.
- Experience with Secure SDLC programs and secure code practices.
- Experience with Security Awareness Training programs and vulnerability management.
- Industry certifications preferred: CISSP, CISA, CISM.
- Proficiency in MS Office and other business tools.
- Ability to support a diverse and inclusive work environment.
- California residents may access Vaco's HR Notice at Collection for California Applicants and Employees here.
- Virginia residents may access our state specific policies here.
- Residents of all other states may access our policies here.
- Canadian residents may access our policies in English here and in French here.
- Residents of countries governed by GDPR may access our policies here.
- the individual's skill sets, experience and training;
- licensure and certification requirements;
- office location and other geographic considerations;
- other business and organizational needs.
Sr. Governance, Risk, and Compliance Analyst - Tampa, United States - Vaco
Description
Purpose of the Position:
The Sr. Governance, Risk, and Compliance (GRC) Analyst will be responsible for overseeing IT security functions and maintaining systems, providing technical guidance to the team. They will lead day-to-day cyber compliance, data governance, and cyber risk management activities, assessing and documenting the company's compliance and risk posture related to information assets.
Key Responsibilities:
Functional:
Support Institutional Initiatives:
Compliance:
Work Experience, Skills & Abilities:
Minimum Requirements:
Preferred Requirements:
Vaco values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.
EEO Notice
Vaco is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race (including but not limited to traits historically associated with race such as hair texture and hair style), color, sex (includes pregnancy or related conditions), religion or creed, national origin, citizenship, age, disability, status as a veteran, union membership, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, political affiliation, or any other protected characteristics as required by federal, state or local law.
Vaco LLC and its parents, affiliates, and subsidiaries are committed to the full inclusion of all qualified individuals. As part of this commitment, Vaco LLC and its parents, affiliates, and subsidiaries will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact .
Vaco also wants all applicants to know their rights that workplace discrimination is illegal.
By submitting to this position, you agree that you will be giving Vaco the exclusive right to present your as a candidate for the foregoing employment opportunity. You further agree that you have represented information about yourself accurately and have not affirmatively misrepresented your qualifications. You also agree to maintain as confidential, to the fullest extent permitted by law, any information you learn from Vaco about the position and you will limit disclosure of information about the position only to the extent necessary to perform any obligations in furtherance of your application. In exchange, Vaco agrees to exercise reasonable efforts to represent you through all solicitation, job screening and resume dispersal.
Privacy Notice
Vaco LLC and its parents, affiliates, and subsidiaries ("we," "our," or "Vaco") respects your privacy and are committed to providing transparent notice of our policies.
Pay Transparency Notice
Determining compensation for this role (and others) at Vaco depends upon a wide array of factors including but not limited to:
With that said, as required by local law, Vaco believes that the following salary range referenced above reasonably estimates the base compensation for an individual hired into this position in geographies that require salary range disclosure. The individual may also be eligible for discretionary bonuses.