GRC analyst Job at RPL International, Miami, FL

TGJlMENCa0RNbGN0cFlneXdXUG1LSFJnaGc9PQ==
  • RPL International
  • Miami, FL

Job Description

Job Title : Governance, Risk and Compliance (GRC) Analyst

Department : INFORMATION SYSTEMS
Office Name : Miami, Florida
Address : 8001 Northwest 79th Avenue
City : Miami
Postal code : 33166
Country : United States

POSITION SUMMARY:

The Information Security GRC Analyst has knowledge of risk management, security, regulatory compliance, and privacy practices. They understand and explain to others the cybersecurity requirements for legal and regulatory compliance, including Sarbanes Oxley (SOX), SWIFT, and other applicable federal regulations and statutes. In addition, they perform security program gap assessments and control readiness reviews, and report status to IT leadership. Effective interpersonal and communication skills and the ability to work with a wide variety of people (IT professionals and leadership, business partners, auditors, and vendors) are required for this role. This position will perform day-to-day management and execution of the security governance, risk management, and compliance functions. It will work collaboratively with the different responsible parties and owners of the security controls and safeguards to confirm and document compliance. Among other tasks, it will be responsible for conducting security reviews for third-party vendors and security assessments for the implementation of new software and solutions. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skills, and abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

QUALIFICATIONS:

Required

  • Minimum three (3) years of recent relevant experience in information security, IT risk management, or cybersecurity compliance.
  • Experience in governance, risk assessments, and regulatory compliance (e.g., SOX, SWIFT, HIPAA, or similar).
  • Experience conducting third-party risk assessments and software implementation reviews.
  • Understanding of Cybersecurity frameworks (CIS, NIST, etc.)
  • Understanding of Cybersecurity requirements for legal and regulatory compliance, including Sarbanes Oxley (SOX), SWIFT, and other applicable federal regulations and statutes.
  • Understanding of Cybersecurity reports and certifications (SOC2 type II, ISO 27001, etc.)
  • Understanding of Cybersecurity concepts, controls, and safeguards.
  • Must have intermediate to advanced communication skills in English (speak, read, and write).
  • Demonstrated ability to collaborate cross-functionally with IT teams, auditors, vendors, and leadership
  • Strong communication skills with the ability to communicate effectively at all levels.
  • Highly organized with an analytical mindset and attention to detail for evaluating and improving data quality and governance processes.
  • Ability to work independently and with little supervision.
  • Experience working in a team-oriented and collaborative environment.
  • Ability to work a flexible schedule, extended hours, holidays, and/or weekends as needed.

Preferred:

  • Ability to communicate at an intermediate to advanced level in Spanish.
  • Bachelor’s degree in Information Security, Computer Science, or a related field.
  • Certifications such as CISA, CISSP, or CIPP.

DUTIES AND RESPONSIBILITIES:

Primary

  • Supports the key initiatives/projects focused on reducing technology risk, governance, compliance with policies and external regulatory compliance.
  • Maintains updated the centralized GRC platform with required relevant information.
  • Performs periodic security program gap assessments.
  • Performs continuous security controls and safeguards audits to confirm and document compliance.
  • Participates in addressing exception requests to information security policies and standards; works with internal IT and business focal points to document the request, identify business justifications and compensating controls, and present findings to IT Leadership for review and approval.
  • Conducts information security vendor risk assessments and provides recommendations for system, network, and application design, implementation, and operational effectiveness controls.
  • Works with IT teams to develop corrective action plans for identified findings from internal security controls assessments, vendor risk assessments, internal and external audits, or other security reviews; tracks remediation efforts to closure.
  • Serves as subject matter expert to internal business and technology teams and security teams on risk management activities and industry best practices.

Secondary

  • Provides IT support for regulatory and compliance activities.
  • Creates helpdesk support tickets.
  • Keeps IT informed on tips and techniques that will enhance cyber security posture.
  • Recommends security enhancements.
  • Additional duties as assigned.

PHYSICAL REQUIREMENTS:

  • The employee is continuously required to sit and use his fingers.
  • The employee frequently is required to talk and/or hear.
  • The employee is frequently required to stand and walk.
  • The employee must occasionally lift and/or move up to 10 pounds.
  • Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus.

SAFETY REQUIREMENTS:

  • Report safety hazards.
  • Immediately report incidents involving injury, illness, or property damage.
  • Wear protective PPE (Personal Protective Equipment) as instructed or necessary.
  • Comply with all company safety policies, procedures, and rules.
  • Refuse any unsafe task or operation.
  • Participate in safety meetings and training.
  • Be constantly aware of their personal safety and that of their coworkers.

SUPERVISION RECEIVED AND EXERCISED:

Reports directly to the Senior Manager - IT Security. Does not exercise supervision over other staff.

CONDITIONS:

  • Work is performed primarily in the office.
  • The noise level in the work environment is usually quiet to moderate when work is performed in the office environment.

Job Tags

Remote job, Work at office, Immediate start, Flexible hours, Weekend work,

Similar Jobs

CyberCoders

Senior Accountant / Assistant Controller Job at CyberCoders

 ...Job Description Job Description Senior Accountant / Assistant Controller Job Title: Senior Accountant or Assistant Controller...  ...authorized to work in the United States without the need for sponsorship for a non-immigrant visa. This job was first posted by CyberCoders... 

LoanMax Title Loans

Customer Service Representative Job at LoanMax Title Loans

 ...Job Description LoanMax- Customer Service Representative Are you looking for a stable, full-time, entry-level position with career potential? If so, you've come to the right place!***We are currently hiring for our location at 2225 Frederica St, Owensboro, KY... 

Walt Disney World Resort Careers

Entertainment Stage Technician- Full Time/Part Time, Walt Disney World Job at Walt Disney World Resort Careers

 ...conditions in a physically active environment Experience setting up, installing, and troubleshooting advanced technology for new productions or events Technology savvy with solid understanding of electrical systems and data signal flow Troubleshoot and repair show... 

LP Consulting

International Travel and Tourism Consultant Job at LP Consulting

 ...Join our Team as aInternational Travel and Tourism Consultant! Do you have a passion for travel and a knack for planning unforgettable experiences? As a International Travel and Tourism Consultant , youll help clients bring their dream vacations to life. From tropical... 

Rolls Royce

Compliance Officer Job at Rolls Royce

 ...employee compliance with the Code of Conduct, various policies and relevant laws and regulations. The role involves partnering with the business to sustain a culture of integrity based on ethical principles and effective risk management. You will also provide support and...