GRC analyst Job at RPL International, Miami, FL

YVo3cTdOY0JLYktWNjBoM1h4WGdoQ01RelE9PQ==
  • RPL International
  • Miami, FL

Job Description

Job Title : Governance, Risk and Compliance (GRC) Analyst

Department : INFORMATION SYSTEMS
Office Name : Miami, Florida
Address : 8001 Northwest 79th Avenue
City : Miami
Postal code : 33166
Country : United States

POSITION SUMMARY:

The Information Security GRC Analyst has knowledge of risk management, security, regulatory compliance, and privacy practices. They understand and explain to others the cybersecurity requirements for legal and regulatory compliance, including Sarbanes Oxley (SOX), SWIFT, and other applicable federal regulations and statutes. In addition, they perform security program gap assessments and control readiness reviews, and report status to IT leadership. Effective interpersonal and communication skills and the ability to work with a wide variety of people (IT professionals and leadership, business partners, auditors, and vendors) are required for this role. This position will perform day-to-day management and execution of the security governance, risk management, and compliance functions. It will work collaboratively with the different responsible parties and owners of the security controls and safeguards to confirm and document compliance. Among other tasks, it will be responsible for conducting security reviews for third-party vendors and security assessments for the implementation of new software and solutions. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skills, and abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

QUALIFICATIONS:

Required

  • Minimum three (3) years of recent relevant experience in information security, IT risk management, or cybersecurity compliance.
  • Experience in governance, risk assessments, and regulatory compliance (e.g., SOX, SWIFT, HIPAA, or similar).
  • Experience conducting third-party risk assessments and software implementation reviews.
  • Understanding of Cybersecurity frameworks (CIS, NIST, etc.)
  • Understanding of Cybersecurity requirements for legal and regulatory compliance, including Sarbanes Oxley (SOX), SWIFT, and other applicable federal regulations and statutes.
  • Understanding of Cybersecurity reports and certifications (SOC2 type II, ISO 27001, etc.)
  • Understanding of Cybersecurity concepts, controls, and safeguards.
  • Must have intermediate to advanced communication skills in English (speak, read, and write).
  • Demonstrated ability to collaborate cross-functionally with IT teams, auditors, vendors, and leadership
  • Strong communication skills with the ability to communicate effectively at all levels.
  • Highly organized with an analytical mindset and attention to detail for evaluating and improving data quality and governance processes.
  • Ability to work independently and with little supervision.
  • Experience working in a team-oriented and collaborative environment.
  • Ability to work a flexible schedule, extended hours, holidays, and/or weekends as needed.

Preferred:

  • Ability to communicate at an intermediate to advanced level in Spanish.
  • Bachelor’s degree in Information Security, Computer Science, or a related field.
  • Certifications such as CISA, CISSP, or CIPP.

DUTIES AND RESPONSIBILITIES:

Primary

  • Supports the key initiatives/projects focused on reducing technology risk, governance, compliance with policies and external regulatory compliance.
  • Maintains updated the centralized GRC platform with required relevant information.
  • Performs periodic security program gap assessments.
  • Performs continuous security controls and safeguards audits to confirm and document compliance.
  • Participates in addressing exception requests to information security policies and standards; works with internal IT and business focal points to document the request, identify business justifications and compensating controls, and present findings to IT Leadership for review and approval.
  • Conducts information security vendor risk assessments and provides recommendations for system, network, and application design, implementation, and operational effectiveness controls.
  • Works with IT teams to develop corrective action plans for identified findings from internal security controls assessments, vendor risk assessments, internal and external audits, or other security reviews; tracks remediation efforts to closure.
  • Serves as subject matter expert to internal business and technology teams and security teams on risk management activities and industry best practices.

Secondary

  • Provides IT support for regulatory and compliance activities.
  • Creates helpdesk support tickets.
  • Keeps IT informed on tips and techniques that will enhance cyber security posture.
  • Recommends security enhancements.
  • Additional duties as assigned.

PHYSICAL REQUIREMENTS:

  • The employee is continuously required to sit and use his fingers.
  • The employee frequently is required to talk and/or hear.
  • The employee is frequently required to stand and walk.
  • The employee must occasionally lift and/or move up to 10 pounds.
  • Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus.

SAFETY REQUIREMENTS:

  • Report safety hazards.
  • Immediately report incidents involving injury, illness, or property damage.
  • Wear protective PPE (Personal Protective Equipment) as instructed or necessary.
  • Comply with all company safety policies, procedures, and rules.
  • Refuse any unsafe task or operation.
  • Participate in safety meetings and training.
  • Be constantly aware of their personal safety and that of their coworkers.

SUPERVISION RECEIVED AND EXERCISED:

Reports directly to the Senior Manager - IT Security. Does not exercise supervision over other staff.

CONDITIONS:

  • Work is performed primarily in the office.
  • The noise level in the work environment is usually quiet to moderate when work is performed in the office environment.

Job Tags

Remote job, Work at office, Immediate start, Flexible hours, Weekend work,

Similar Jobs

MH CIVIL CONSTRUCTORS, INC

Chief Financial Officer (CFO) Job at MH CIVIL CONSTRUCTORS, INC

 ...infrastructurewere building a company for the long haul. As we scale past $100M in annual revenue, we are seeking a Chief Financial Officer (CFO) to architect our financial future. This role is perfect for a seasoned financial leader who is energized by building systems,... 

University of Maryland Medical System

Patient Care Technician I, Behavioral Health, Part Time, Nights Job at University of Maryland Medical System

 ...system, focused on delivering compassionate, high-quality care and putting discovery and innovation into practice at...  ...System, you can learn, grow, and make a lasting impact on patients and families. Youll experience the support of a collaborative work environment and a... 

Wellpath

Licensed Practical Nurse - LPN - Corrections Job at Wellpath

 ...The Licensed Practical Nurse (LPN) plays a vital role in patient care by contributing to the nursing process of assessment, planning...  ...in 37 states and still a welcoming community.Working in a corrections or psychiatric environment may sound intimidating, however it is... 

Cigna

Human Resources Onsite Summer Internship (Graduate Students) Job at Cigna

 ...Qualifications Required: ~ Currently enrolled in the first year of a Masters program in Human Resources, Labor Relations, or MBA with HR focus. ~ Minimum 1 year of professional HR experience . ~ Strong communication skills and ability to build relationships... 

Preferred Care at Home - Corporate

SEO & PPC Expert Job at Preferred Care at Home - Corporate

Preferred Care at Home - Corporate is seeking an SEO & PPC Expert to join our team in Knoxville, TN.Responsibilities:* Develop and implement SEO strategies to improve organic search rankings* Create and manage PPC campaigns to drive traffic and conversions* Conduct...