Illinois
Cybersecurity Analyst (GRC) #957953
- Operating within the Cybersecurity Governance team, support the cybersecurity compliance management strategy.
- This role will support development, assessment, and maintenance of policies, standards, processes and procedures, to a level compliant with ISO27001/2, PCI DSS, JSOX, GDPR, CMMC and other relevant standards.
- The role will work collaboratively with various business and IT teams in the design and implementation of cybersecurity assessment and compliance programs.
- Support the Information Security Management (ISM) program, support/facilitate audit requests, conduct assessments, identify risk themes, maintain the cybersecurity risk register, and promote cybersecurity awareness and training across the appropriate teams.
Basic Qualifications – Education & Experience:
- BS in Information Systems or Information Security
- 3+ years in IT/Information security risk assessment, SETA, and governance and compliance roles
- Familiarity with NIST security family, ISO 27001/2, and other relevant security standards
Preferred (all of the above, plus):
- Demonstrated experience with industry standard frameworks mentioned above
- CRISC or other related certification
- Experience with Navex IRM/Lockpath or other GRC tools; experience with KnowBe4 or other security awareness tools
- Analytical skills and ability to formulate and articulate roadmaps and recommendations.
- Ability to multi-task and prioritize individual and team work in a fast-changing environment.
- Ability to interact with personnel at all levels of an organization to resolve issues and provide solutions in a timely manner.
- Ability to maintain a detail-oriented approach while multitasking in a fast-paced environment.
- Strong technical, analytical and problem-solving skills.
- Experience in successfully working remotely
- Excellent written and oral communication skills.
- Experience working with customers in sensitive environments
- Ability to interface with all levels within an organization and provide input to facilitate cybersecurity compliance decisions.
- Highly organized, self-motivated and accountable
85% - Program
- Support tactical execution of assigned cybersecurity compliance activities. This can include execution, support, follow up, monitoring and reporting for areas including:
  - ISM reports, Privacy Impact Assessment, Personal Information Registration, ISM Audit
  - Security Education Training and Awareness (SETA) promotion, delivery and reporting
  - Policy Exception Intake, review, monitoring and reporting
  - Security Conformity activities
- Able to scope out projects and manage day to day processes of a program.
- Support tactical execution of cloud risk, third party risk, cybersecurity, and other risk assessment and questionnaires as directed.
- Support risk register maintenance. Follow up on outstanding remediation with related stakeholders.
- Support and manage cybersecurity compliance demands and engagements; support team prioritization.
- Keep informed regarding pending industry changes, trends, and best practices and assess the potential impact of these changes on organizational processes.
- Raise concerns to the Cybersecurity Governance manager.
- Assist internal audit requirements with preparing and presenting written and oral reports and other technical or process related information in a pertinent, concise, and accurate manner for distribution to management.
15% - Planning and Collaboration
- Support the departmental management activities for cybersecurity compliance.
- Develops schedules to ensure timely completion of tactical activities for cybersecurity compliance.
- Interfaces with task leaders, subcontractors and support personnel, customer and our management to drive action and ensure transparency and visibility for cybersecurity compliance management initiatives.
- Summarizes and reports cybersecurity compliance risks to the Cybersecurity Governance manager and/or its working group overseeing compliance initiatives.
- Collaborate with other North America regional cybersecurity teams.
- Support response to internal and external consumers, regulatory bodies, and auditors about cybersecurity governance, risk, and compliance affairs and inquiries.
At FastTek Global, Our Purpose is Our People and Our Planet. We come to work each day and are reminded we are helping people find their success stories. Also, doing the right thing is our mantra. We act responsibly, give back to the communities we serve and have a little fun along the way.
We have been doing this with pride, dedication and plain, old-fashioned hard work for 24 years!
FastTek Global is a financially strong, privately held company that is 100% consultant and client focused, operating in nearly half of the states in the U.S., Europe and India.
We've differentiated ourselves by being fast, flexible, creative and honest. Throw out everything you've heard, seen, or felt about every other IT Consulting company. We do unique things and we do them for Fortune 10, Fortune 500, and technology start-up companies.
Our benefits are second to none, and thanks to our flexible benefit options you can choose the benefits you need or want. Options include:
- Medical and Dental (FastTek pays majority of the medical program)
- Personal Time Off (PTO) Program
- Long Term Disability (100% paid)
- Life Insurance (100% paid)
- 401(k) with immediate vesting and 3% (of salary) dollar-for-dollar match
Plus, we have a lucrative employee referral program and an employee recognition culture.
FastTek Global was named one of the Top Work Places in Michigan by the Detroit Free Press in 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, and 2022!
To view all of our open positions go to: https://www.fasttek.com/fastswitch/findwork