Remote Senior Security Analyst, Risk and Compliance

Summary

Join a dynamic team at Jenzabar as the Senior Security Analyst - Risk and Compliance, spearheading the company's Risk and Compliance efforts. This role will report to the Senior Director - Information Technology and support the ongoing transformation as a strategic, collaborative, and trusted advisor.

Requirements

• Bachelor’s Degree in Information Technology or Information Security related field
• 5+ years of experience working with governance, risk, and compliance within Information Technology and/or Information Security
• Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar certification preferred

Responsibilities

• Lead centralized audit and IT compliance support in the facilitation of all audit and other customer assessment requests and remediation efforts
• Creating and maintaining IT Governance frameworks, policies, standards and procedures, and response plans
• Drive consistency in the way IT/Security risks are identified, controls are implemented and monitored and share best practices and learnings across the company
• Analyze current IT/Security risks and identify/monitor emerging risks which can affect the company and work with leaders and IT managers to ensure existing and emerging risks are understood and appropriate mitigations are implemented
• Lead IT/Security risk and governance program activities, such as risk assessments, risk exceptions, risk ratings, risk mitigation and remediation recommendations
• Document the company’s remediation efforts for IT/Security risk exposures, gaps, and deficiencies, and complete remediation validation to assess effectiveness of improved controls
• Work with leadership to create, maintain, and present Key Risk and Performance Metrics (KRI/KPI)
• Identify and resolve technical, operational, risk management, and organizational challenges
• Collaborate on developing and implementing a centralized audit evidence repository and GRC tools
• Facilitate and oversee training to address identified weaknesses in team member knowledge of requirements, policies, or procedures, and to foster a culture of compliance
• Provide support in documenting technology controls and technological landscape

Benefits

• Medical Insurance
• Life Insurance
• Dental Insurance
• Vision Insurance
• Paid Vacation
• Paid Sick Days
• Paid Parental Leave
• Paid Holidays
• Short Term Disability
• Long Term Disability
• 401K
• Educational Assistance