Risk Analyst (GRC)
Nutanix
Contract San Jose, California, United States Posted 5 years ago
About Position
Risk Analyst (GRC) (Contract)
$55.00 / Hourly
San Jose, California, United States
Description
Responsibilities
- Lead 3rd Party Risk Assessments and deliver customer security/compliance questionnaires
- Perform Control Self-Assessment (CSA) testing in accordance with standards
- Enhance CSA program to incorporate more robust control statements and test steps
- Aid in the development and automation of Key Risk Indicators and Key Performance Indicators
- Facilitate Vulnerability Management Forum and prioritize patch and remediation efforts
- Facilitate risk issue management activities using GRC platform
- Establish interdepartmental Operational Level Agreements
- Establish new IT risk management strategies
- Act as a GRC liaison on behalf of Cybersecurity

Accountable for
- Execution and delivery of regulatory control requirements (SOX / GDPR)
- Execution and delivery of 3rd party risk assessments in accordance with industry best practices
- Execution and delivery of CSA control plans
- Enhancement of CSA control statements and test steps
- Enhancement of security compliance programs to support compliance regulations
- Operationalization of critical metrics and reporting for executive management

Qualifications
- Candidate must have 5-10 years working in governance, risk and compliance and/or information security and risk management
- Functional knowledge of the CISSP security domains and information security best practices
- Functional knowledge of relevant regulatory requirements (SOX/GDPR)
- Functional knowledge of relevant certification standards (ISO27001, ISO27017, ISO27018, SOC1, SOC2, FedRAMP)
- Ability to communicate risk methodologies and concepts between business units and IT
- Demonstrated experience with controls definition, development, implementation and assessment
- Strong interpersonal skills and ability to work in a cross-functional capacity
- Ability to project manage a large portfolio of concurrent workstreams
- One or more relevant certifications (e.g. CISSP, CISA, CRISC, CCSK, CCSP)