Senior Cyber Security Analyst Governance, Risk and Compliance (GRC)
Atlanta, GA
The candidate will perform cyber security risk, governance and compliance management and oversight.
QUALIFICATIONS
- A four (4) year degree in Information Systems, Computer Science or Cyber Security.
- Staff must have a minimum of five (5) years of current experience in:
(i) Risk Management
(ii) Governance and Compliance
(iii) Information Security
(iv) National Institute of Standards and Technology (NIST) Special Publication 800 series
SKILLS, KNOWLEDGE AND ABILITIES
- The Senior Cyber Security Analyst (GRC) must have experience conducting/implementing/managing information systems audits.
- Must possess strong written and verbal communication skills.
- Proficiency with all Microsoft (MS) Office programs is necessary, including familiarity with SharePoint.
- Conducting and/or coordinating information security risk assessments for technology and security frameworks.
- Facilitating multiple stakeholders to agree on appropriate security solutions and verifying that security risks are mitigated appropriately.
- Verifying that required security controls are built into new products.
- Performing deep dives on information security-related processes and systems.
- Identifying system limitations that could lead to regulatory risks in new products and services and providing guidance for resolution and risk mitigation.
- Staying abreast of innovative business and technology trends in Information Security, risk, and controls and advising leadership on technology initiatives.
- Carrying out risk assessments and gap analysis of multi-networks and cloud environments using compliance standards and frameworks such as PCI, Diplomatic Security Service (DSS), Criminal Justice Information Services (CJIS) and NIST.
- Creating, managing, and enforcing compliance requirements for business processes and information systems and assisting in the development of an Authority-wide cybersecurity compliance program.
- Designing and/or implementing Information Security solutions in an enterprise environment.
- Leading initiatives for re-architecting and re-engineering security controls to enhance the security posture of the Authority.
- Strong knowledge of Vulnerability Management Remediation and Payment Card Industry (PCI) Compliance.
Certification Requirements:
(i) Certified Information Systems Security Professional (CISSP)
(ii) CRISC
(iii) Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM)
Salary: D.O.E.
Start Time: Spring 2021