Security Analyst (GRC Analyst) - SECAN24-14469 Job at NavitsPartners, Pompano Beach, FL

  • NavitsPartners
  • Pompano Beach, FL

Job Description

Job Title: Security Analyst - Governance, Risk, and Compliance (GRC) Analyst
Job Family: Security Management
Job Variance: Advanced
Location: Boca Raton, FL, 33434
Duration: 12 months

Job Summary:

The Security Analyst - GRC will be responsible for the management, assessment, and mitigation of risks within the organization's information assurance and cybersecurity program. This role will lead the IT security risk and audit program, ensuring compliance with standards and frameworks such as NIST, ISO, PCI, and ISACA. The successful candidate will be responsible for performing information systems and business process risk assessments, identifying control weaknesses, and implementing mitigation strategies.

Key Responsibilities:
  • Conduct PCI, SOC2, ISO, and cybersecurity control reviews to ensure compliance with security policies.
  • Plan and assess IT security controls effectiveness, and manage remediation efforts for identified gaps.
  • Develop and maintain the IT security risk and compliance matrix, performing management reporting on IT systems controls and business process risks.
  • Maintain the Third Party Risk Management Program (TPRM) and analyze SOC-2 and other relevant reporting, mapping to key IT security controls such as NIST, PCI, and COBIT.
  • Manage the IT security vulnerabilities management program in alignment with PCI and NIST standards.
  • Identify and assess the value, sensitivity, and criticality of operations and assets that may be impacted by threats.
  • Estimate potential losses from threats to critical assets and operations and suggest cost-effective mitigation actions.
  • Track and verify remediation of audit findings and ensure compliance with audit standards such as ISACA.
  • Document results, develop a plan of action, and create milestones to mitigate identified risks.
  • Produce formal audit reports based on ISACA Audit Standards and promote compliance with PCI DSS and IT best practices.
Skills & Requirements:
  • 7-10 years of IT audit experience (CISA certification preferred).
  • 3+ years of experience in the IT risk management lifecycle.
  • 3+ years of hands-on technical experience (e.g., developer, system administrator).
  • Experience working with the NIST 800-30 Risk Assessment Standard.
  • Extensive experience evaluating and designing IT General Controls.
  • Advanced skills in business process mapping, documentation, and policy and procedure development.
  • Knowledge of current cybersecurity threats and solid understanding of PCI DSS standards.
Education & Certifications:
  • Bachelor's degree in Computer Science, Information Systems, Business Administration, or a related field (or equivalent work experience).
  • Preferred certifications: CISA and CISSP.
