Job Details

Home

Security GRC Analyst - Boca Raton, FL( Onsite) at Boca Raton, Florida, USA

http://bit.ly/4ey8w48
https://jobs.nvoids.com/job_details.jsp?id=1616748&uid=

Title: Security GRC Analyst

Location: Boca Raton, FL( Onsite) - Local Please

Duration 6-12 Months

Interview Phone And Skype

Job Description -

Job Family: Security Management Job #: 6810

Job
Title: Security Analyst-functioning as Governance Risk Compliance (GRC) Analyst
Job Variance: Advanced

Job Summary:

The management, assessment, and mitigation of risks are
fundamental components of our information assurance and cyber security program
at the Florida Turnpike Enterprise. This position leads the IT security risk
and audit program for information systems security using generally accepted
standards and frameworks for IT audit and risk management (e.g., NIST, ISO,
PCI, and ISACA). The position is responsible for the development and
implementation of the IT security risk and audit strategy that perform
information systems and business process risk assessments and evaluate the
effectiveness of technical, physical, and administrative controls to identify
control weakness. This individual will interface with the Security Operations,
IT Operations, and various business units to:

Perform PCI, SOC2, ISO, and applicable State of Florida
cybersecurity controls-related reviews to ensure that current, new, and
technology infrastructure complies with these standards and Departments
security policies.

Plan and perform IT security controls effectiveness. Manage
remediation efforts for the identified gaps including assessment of new or
enhanced implemented controls.

Maintain IT security risk and compliance matrix and performs
management reporting. This will include IT systems controls, and business
process risks to meet compliance requirements. Provide risk mitigation
strategies

Maintain Third Party Risk Management Program (TPRM) and analyze
SOC-2 and other reporting including mapping to key IT security and
compliance controls such as NIST, PCI, and COBIT.

Manage IT security vulnerabilities management program aligned with
PCI and NIST standards.

Identifying and ranking the value, sensitivity, and criticality of
the operations and assets that could be affected should a threat
materialize in order to determine which operations and assets are the most
important.

For the most critical and sensitive assets and operations,
estimating the potential losses or damage that could occur if a threat
materializes, including recovery costs.

Identifying cost-effective actions to mitigate and reduce risk.
These actions can include implementing new organizational policies and
procedures as well as the design of technical or physical controls.

Coordinating, tracking, and verifying remediation of audit
findings.

Documenting the results and developing a plan of action and
milestones for mitigating any identified risk.

Produce formal audit reports based on ISACA Audit Standards.

Promotes compliance with regulatory requirements (e.g. PCI DSS) and
IT best practices.

GRC Risk Analyst Skills & Requirements:

7-10 years of IT Audit experience (CISA certified preferred)

3 years of IT Risk Management lifecycle experience

3 years of hands-on technical experience (e.g. developer, system
administrator)

Experience working with NIST 800-30 Risk Assessment Standard

Extensive experience with IT General Controls evaluation and
design

Advanced skill level in business process mapping and documentation
as well as policy and procedure development

Recent experience in Information Security with up-to-date
knowledge of the current threat landscape.

Solid understanding of PCI DSS standards

Education and Certifications:

Bachelors Degree in Computer Science, Information Systems,
Business Administration, or other related field and/or equivalent work
experience.

CISA and CISSP certifications (preferred).

Regards

Ankush Vikal

--

Keywords: information technology Florida
Security GRC Analyst - Boca Raton, FL( Onsite)
[email protected]
http://bit.ly/4ey8w48
https://jobs.nvoids.com/job_details.jsp?id=1616748&uid=

[email protected]
View All

01:38 AM 01-Aug-24

To remove this job post send "job_kill 1616748" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.

Your reply to [email protected] -

To

Subject
Message -

ankushtek.2@gmail.com wrote:
Title: Security GRC Analyst

Location: Boca Raton, FL( Onsite) - Local Please

Duration  6-12 Months

Interview  Phone And Skype

Job Description -

Job Family: Security Management Job #: 6810

Job
Title: Security Analyst-functioning as Governance Risk Compliance (GRC) Analyst
Job Variance: Advanced

Job Summary:

The management, assessment, and mitigation of risks are
fundamental components of our information assurance and cyber security program
at the Florida Turnpike Enterprise. This position leads the IT security risk
and audit program for information systems security using generally accepted
standards and frameworks for IT audit and risk management (e.g., NIST, ISO,
PCI, and ISACA). The position is responsible for the development and
implementation of the IT security risk and audit strategy that perform
information systems and business process risk assessments and evaluate the
effectiveness of technical, physical, and administrative controls to identify
control weakness. This individual will interface with the Security Operations,
IT Operations, and various business units to:

Perform PCI, SOC2, ISO, and applicable State of Florida
     cybersecurity controls-related reviews to ensure that current, new, and
     technology infrastructure complies with these standards and Departments
     security policies.

Plan and perform IT security controls effectiveness. Manage
     remediation efforts for the identified gaps including assessment of new or
     enhanced implemented controls.

Maintain IT security risk and compliance matrix and performs
     management reporting. This will include IT systems controls, and business
     process risks to meet compliance requirements. Provide risk mitigation
     strategies

Maintain Third Party Risk Management Program (TPRM) and analyze
     SOC-2 and other reporting including mapping to key IT security and
     compliance controls such as NIST, PCI, and COBIT.

Manage IT security vulnerabilities management program aligned with
     PCI and NIST standards.

Identifying and ranking the value, sensitivity, and criticality of
     the operations and assets that could be affected should a threat
     materialize in order to determine which operations and assets are the most
     important.

For the most critical and sensitive assets and operations,
     estimating the potential losses or damage that could occur if a threat
     materializes, including recovery costs.

Identifying cost-effective actions to mitigate and reduce risk.
     These actions can include implementing new organizational policies and
     procedures as well as the design of technical or physical controls.

Coordinating, tracking, and verifying remediation of audit
     findings.

Documenting the results and developing a plan of action and
     milestones for mitigating any identified risk.

Produce formal audit reports based on ISACA Audit Standards.

Promotes compliance with regulatory requirements (e.g. PCI DSS) and
     IT best practices.

GRC Risk Analyst Skills & Requirements:

7-10 years of IT Audit experience (CISA certified preferred)

3 years of IT Risk Management lifecycle experience

3 years of hands-on technical experience (e.g. developer, system
      administrator)

Experience working with NIST 800-30 Risk Assessment Standard

Extensive experience with IT General Controls evaluation and
      design

Advanced skill level in business process mapping and documentation
      as well as policy and procedure development

Recent experience in Information Security with up-to-date
      knowledge of the current threat landscape.

Solid understanding of PCI DSS standards

Education and Certifications:

Bachelors Degree in Computer Science, Information Systems,
      Business Administration, or other related field and/or equivalent work
      experience.

CISA and CISSP certifications (preferred).

Regards

Ankush Vikal

Keywords: information technology Florida 
Security GRC Analyst - Boca Raton, FL( Onsite)
ankushtek.2@gmail.com

Your email id:

Captcha Image:

Captcha Code:

Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]

Time Taken: 10

Location: Boca Raton, Florida