Vacancy caducado!
Job Description
Being a member of Enterprise Security Governance Risk and Compliance team provides an exciting opportunity to be part of an innovative and dedicated team of security and audit professionals.The Senior Governance, Risk & Compliance Analyst will be responsible for the security governance, risk management, and compliance across the enterprise. They will establish corporate security requirements by evaluating business strategies and requirements, researching information security standards, performing risk assessments, identifying integration issues, and provide recommendations for remediating identified risk. Additionally, they will lead the review and formal approval process for policy updates. A significant responsibility will be to ensure Information Security Policy and Standard documents meet or exceed industry standards, compliance requirements and customer/client expectations and maintaining the Information Security Program documentation.Qualifications Basic Qualifications- At least 8 years of total combined higher education and related work experience including:
- At least 2 years of information systems security work experience
- At least 6 years of higher education and/or additional work experience directly related to the duties of the job including:
- Bachelor's degree in Accounting, Information Systems, Computer Science, Computer Engineering, Software Engineering or Mathematics or related field
- At least 3 years in Information Technology security programs, audits, assessments, risk, or remediation management work experience
- At least 2 years of Privacy law, data protection/security regulations, and frameworks, such as BITS, COBIT, NIST and ISO27002 work experience
- Experience with information security risk management
- Experience with data privacy/protection
- Experience with ISO 31000, 27005, 27001, HIPAA and/or other risk-centric standards and practices helpful
- Demonstrates the ability to work on multiple projects simultaneously and prioritize work to meet adapting deadlines
- Experience with/in FISMA, NIST Risk Management Framework, NIST 800-53 Security Controls, CNSSI 1253 and privacy overlay controls
- Security+, SANS GIAC, CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager) or CISMP (Certificate in Information Security Management Principles)
- Plan, conduct, and document security compliance assessments based on a variety of standards, laws, and regulations
- Develop detailed recommendations for mitigating findings and process improvement projects
- Willing to work additional or irregular hours as needed and allowed by local regulations
- Work in accordance with corporate and organizational security policies and procedures, understand personal role in safeguarding corporate and client assets, and take appropriate action to prevent and report any compromises of security within scope of position
- Perform other responsibilities as assigned
- Must be willing to live or reside in Kansas City or live in a virtually approved city
Vacancy caducado!