Cybersecurity Jobs List logo

Cybersecurity Jobs List

  1. Home
  2. Jobs
  3. United States
  4. Texas
  5. Lewisville
  6. Governance Risk and Compliance
  7. Senior Security Analyst, Governance, Risk, and Compliance
CC
Caliber Collisioncaliber.com

Senior Security Analyst, Governance, Risk, and Compliance

Lewisville, Texas, United StatesFull-time2h ago

Service Center

CSCS TX

Responsibilities

  • Develop, maintain, and update security policies, procedures, and guidelines to ensure alignment with industry standards (e.g., ISO 27001, NIST).
  • Assist in defining security governance frameworks and ensure adherence across the organization.
  • Conduct risk assessments to identify and evaluate security risks within systems, processes, and third-party vendors.
  • Evaluate third-party security controls and manage vendor compliance with organizational security requirements.
  • Lead the design, development, and execution of compliance program to ensure that technology and business processes meet compliance requirements.
  • Assist with managing all aspects of the compliance program, including gap assessment, risk management, risk mitigation, monitoring/auditing, policy administration, addressing violations, and performing corrective actions.
  • Manage the monitoring of business and technology activities and risks for compliance with applicable rules and regulations of cybersecurity.
  • Communicate complex issues in simple terms to executive management and team members.
  • Conduct scoping and risk assessments to determine risk impact, meaningful control design, impact, and issues with the leadership team.
  • Analyze risks around platform transaction processing and impact on compliance controls.
  • Track relevant laws and regulations and update operating manuals, policies and procedures documents when regulations change related to cybersecurity.
  • Prepare compliance status reports for internal management, clients and auditors.
  • Grow Technology Compliance capabilities on-prem and in key cloud environments (e.g. Azure, GCP, Snowflake).
  •  Identify, develop, and implement monitoring activities for high risk, externally exposed applications
  • Consult with key stakeholders on existing, modified, and future governance risk and controls activities including ones related to Sarbanes Oxley (SOX) and Internal Controller.
  •  Oversee daily operations of the Technology Compliance Dashboard in order to:
    • Identify daily control gaps and monitor remediation to completion
    • Troubleshoot technology issues within the dashboard
    • Identify and document business requirements for new monitoring controls
    • Work with various IT teams to convert business requirements into new monitoring controls
  • Stay informed on key changes within the IT and cyber security environments to keep Technology Compliance procedures aligned with current processes and risks
  • Review, critique, and recommend best practices for improving current processes through automation
  • Promote a culture of cyber security risk awareness by providing subject matter expertise on control identification, implementation, monitoring, and best practices
  • Maintain and develop existing and new contacts within the professional network of cyber security and IT risk management peers and consultants/vendors
  • Continuously develop knowledge of evolving best practices through peer benchmarking, industry events/associations, and educational opportunities

Requirements

  • Bachelor’s degree in computer science, Information Security, or related field
  • Professional certifications such as CISSP, CISM, CISA, or equivalent
  • 5+ years of experience working in cyber security, IT risk, audit, and/or IT compliance
  •  Strong knowledge of IT auditing and risk management techniques and IT general control processes (change management, systems development life cycle, information security, IT operations, etc.)
  •  Successful track record of positively influencing stakeholders
  •  Strong communication and presentation skills
  •  Experience establishing strong working relationships with business partners
  •  Demonstrated ability to work across organizational boundaries, and influence others
  •  Ability to define and manage internal projects and milestones and demonstrated leadership skills
  •  Demonstrated ability to develop and present risk information to all levels of an organization
  •  Experience with automating controls, data and analytics
  •  Strong understanding of IT Risk Management requirements and frameworks, including SOX, COBIT, and NIST CSF

Caliber uses E-Verify to confirm the identity and employment eligibility of all new hires. 

Must be eligible to work in the U.S. with no restrictions. 

Categories

Governance Risk and Compliance
IT Audit
IT Security
Risk Management
Security Analyst

Skills

Azure
CISA
CISM
CISSP
COBIT
Compliance
GCP
Governance
ISO 27001
IT Auditing
IT Risk Management
NIST
Risk Assessment
Snowflake
SOX