GRC Analyst

Skills And Responsibilities

Overall 7+ experience in cybersecurity

4+ years in a Security Governance, Risk and Compliance (GRC) function.

Understanding and familiarity with cybersecurity frameworks (ISO, NIST, HiTrust, COBIT,etc )

Candidate has in-depth knowledge of security domains (Application Security, Cloud Security, Data Protection, Identity and Access Management, Vulnerability Management).

Understanding of prevailing information security threats and risks.

Knowledgeable of CIS-Top 20, ISO 27001 security controls.

Knowledgeable of PCI-DSS, Data Privacy (GDPR, CCPA) and other regulatory standards.

Up-to-date knowledge of information security issues, trends, and leading practices.

Expertise in security policy development.

Must have a solid understanding of information technology and information security.

Relevant security or risk management certifications a plus.