Beacon Hill Technologies is currently searching for a GRC Security Analyst for a client located in Canton, Ohio. This will be a 6 month contract position.
As a member of the Global Risk & Security organization, the Business Security Analyst will play a key role in our Enterprise Security program by driving a global security governance model. You will be responsible for obtaining a better understanding of all security controls, including processes and technology, and managing the continuous delivery and standardization of this world class program across all 90 countries.
You will take an active role in managing regulatory reviews, compliance reviews, supplier due diligence, risk assessments over security solutions, and other security governance, risk, and compliance activities and initiatives. This position works with internal and external customers and partners to ensure the appropriate security control environments are implemented and maintained to meet regulatory, industry, and customer requirements. You will also work closely with other departments to assist with audit and compliance activities.
The Global Risk & Security organization will identify, assess, and appropriately manage risk in the following areas:
Business Continuity Planning
Information Security & Security Policies
IT Access Management
Security Governance, Compliance and Policy
Essential Functions include:
Build and operationalize the security governance and controls program to ensure scalability, repeatability, and standardization across geographies, business units, and external partner environment
Perform risk assessments over business areas, geographies, and vendors to identify and remediate security gaps
Liaison with the business to harmonize and leverage the controls to support compliance related activities from a business perspective, and utilize and enhance existing technologies
Analyze and evaluate global business processes and customer solutions compared to regulatory and industry requirements
Maintain an understanding of global security regulations and compliance frameworks and standards
Lead regulatory review meetings and participate in customer vendor due diligence sessions to discuss control environment and to explain risk assessment program
Complete project work accurately and within deadlines as required
Communicate with project team and keep project information up to date
Prepare and conduct meetings with clients and peers to ensure project requirements are completed and your portion of the engagement is fully delivered
Develop and maintain effective working relationships with customers, business partners, and other team members
Promote new business opportunities by identifying issues and potential solutions
Work with third party assessors that evaluate against compliance frameworks such as SOX, PCI, GLBA, etc.
Lead third party audits and examinations over global facilities, external business solutions, and customer solutions
Bachelor's degree in security, information technology, audit, accounting, or finance is required or equivalent experience. Master's degree preferred.
One or more years of progressive experience in Information Security or implementing security controls
A solid foundation in at least one or more of the following:
Security Governance and Compliance
Demonstrable evidence of experience to research solutions to resolve business needs.
Strong written communication skills, specifically related to summarizing assessment techniques, issues/gaps, and remediation suggestions to various levels of management
Knowledge of multiple security frameworks such as ISO 27001/27002, PCI, COBIT, NIST, and SSAE16
Knowledge of security regulations (SOX, PCI, GLBA)
Experience working with regulators, auditors, vendors, business partners, and customers to evaluate, design, and educate on security program preferred.
Demonstrated understanding of business processes, internal controls, risk management, and related controls
Demonstrated problem-solving skills and analytical abilities with a focus on developing practical solutions; strong results orientation
Excellent communication skills and ability to effectively interact with all associate levels
Ability to build rapport across the organization
Employment Type: Contract
Click here to apply
Please mention that you saw the job on Business Analyst Learnings