The Governance, Risk & Compliance (GRC) security analyst's primary responsibilities will include developing, managing and maintaining the cyber risk register, facilitating the annual security policy review process, and updating the overall InfoSec project plan. This role will also include assisting in the gathering of security-related evidence to support PCI, SOC and other external audits.
Role Responsibilities:
- Responsible for tracking/reporting projects within the overall Information Security Program
- Manage the weekly executive reporting including InfoSec metrics and program project status.
- Manage the annual security policy review and update process.
- Improve and streamline the evidence-gathering process and security policy review process, either through use of existing tools or new software solutions.
- Create and build a cybersecurity risk register process to capture all cyber-related risks.
- Manage the annual NIST CSF assessment including post gap & risk assessment reporting.
- Assist with metrics and reporting, as we continue to build out executive communications.
- Assist in the evidence-gathering process for technical audits, including requests to key stakeholders, to ensure that all materials are delivered to auditors in a timely manner.
- Stay up to date on information security trends and standards.
Skills and Experience:
- 3-5 years of experience within Information Technology and/or Cyber Security GRC.
- Strong organizational and project management skills are a higher priority than having a security background; a security background is a plus.
- Excellent Microsoft Office product skills such as Word, PowerPoint and Excel are mandatory.
- Familiarity with various regulatory requirements and laws, including but not limited to PCI, NACHA, SOX, HIPAA, GDPR and GLBA.
- Project tracking/reporting experience (PMP Certification is a plus)
- Familiar with GRC and PM tools. AuditBoard and Smartsheet experience is a plus.
- Self-motivated, intuitive and well organized.
- Ability to maintain documentation and manuals.
- Ability to design and implement new processes.
- Excellent communication skills and experience influencing key stakeholder groups.
Education Requirements:
- Associate's or Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent industry experience.
EEO Statement
Paymentus is an equal opportunity employer. We enthusiastically accept our responsibility to make employment decisions without regard to actual or perceived race, creed, color, age, sex or gender (including pregnancy, childbirth and related medical conditions), gender identity or gender expression (including transgender status), sexual orientation, national origin, ancestry, citizenship status, religion, marital status, physical or mental disability, military service or veteran status, genetic information, protected medical condition as defined by applicable state or local law, or any other classification protected by applicable federal, state, and local laws and ordinances. Our management is dedicated to ensuring the fulfillment of this policy with respect to hiring, placement, promotion, transfer, demotion, layoff, termination, recruitment advertising, pay, and other forms of compensation, training, access to facilities and programs and general treatment during employment.
Reasonable Accommodation
Paymentus recognizes and supports its obligation to endeavor to accommodate job applicants and employees with known physical or mental disabilities who are able to perform the essential functions of the position, with or without reasonable accommodation. Paymentus will endeavor to provide reasonable accommodations to otherwise qualified job applicants and employees with known physical or mental disabilities, unless doing so would impose an undue hardship on the Company or pose a direct threat of substantial harm to the employee or others.
An applicant or employee who believes he or she needs a reasonable accommodation of a disability should discuss the need for possible accommodation with the Human Resources Department, or his or her direct supervisor.