|
Search Jobvertise Jobs
|
Jobvertise
|
Security GRC Analyst Location: US-CA-San Francisco Email this job to a friend
Report this Job
NAVA Software solutions is looking for a Security GRC Analyst Details: Security GRC Analyst Location: San Francisco , CA Hybrid Duration: 6 months CTH Qualifications: - Analyst with 2+ years' experience and with good understanding of security controls and compliance
- Experience GRC in Risk Management (identify, assess, monitor, and report risks)
- Experience performing IAM focused assessments
- Experience operationalizing SLAs for issue management
- Certified Information Systems Auditor (CISA) certification preferred
- Ability to work with minimal supervision
Knowledge Skills and Abilities: - Triage issues to accurately assess and capture them within the GRC tool
- Manage and enhance the issue reporting metrics
- Integrate Issue program across the processes and effectively measures effectiveness of the integrations
- Effectively document, review, and enhance the issue management standard, methodologies, policy or operating procedures
- Provide subject matter expertise on issues tracked by issue management
- Evaluate remediation efforts including the design and effectiveness of operational controls, based on industry best practice models in accordance w/ risk and compliance requirements
- Engage with your stakeholders to identify issues, understand their needs and challenges to proactively find ways that your program can support
- Complete targeted risk assessments based on framework as well as industry requirements
- Support and enhance the risk reporting metrics
- Integrate Risk program across the processes and effectively measures effectiveness of the integrations.
- Support documentation, review, and enhancement of the risk management standard, methodologies, policy or operating procedures
- Provide subject matter expertise on risks tracked by risk management
- Evaluates mitigation efforts including the design and effectiveness of operational controls, based on industry best practice models in accordance w/ risk and compliance requirements.
- Engage with your stakeholders to identify issues, understand their needs and challenges to proactively find ways that your program can support
- Conduct data security assessments based on industry standard best practices and bring recommendations for security posture improvement
- Perform IAM focused assessments on internal applications and systems to ensure compliance with internal IAM Standards and best practices
- Update inventory of critical applications and systems and ensure they undergo standardized account recertifications, have appropriate IAM processes, and are accessed through a standardized SSO solution
- Identify data security threats/risks through collaborating with other Data Security team members/application & system owners/stakeholders
- Map data flow diagrams to provide visibility on where sensitive data lies and document how they are adequately secured
- Provide ongoing reporting to data security and access governance program
- Respond to and follow up with Data Security questions/concerns and provide cybersecurity / technical advisory
Nava Software Solutions LLC
|