Information Security Governance Risk Compliance Analyst

Company: Wade Trim
Location: Detroit, MI, USA
Salary: Not Provided
Type: Full-Time
Degrees: Bachelor’s
Experience Level: Mid Level, Senior

Requirements

  • Bachelor’s degree in Computer Science with a focus on Cybersecurity or a closely related field
  • 3-5 years of experience
  • Operational knowledge of Azure, O365, CrowdStrike, KnowBe4, Mimecast, ZenGRC+, and Archer
  • Strong leadership and project management skills
  • Excellent writing, organizational, and communication skills

Responsibilities

  • Responsible for monitoring and tracking regulatory changes, ensuring that the organization remains compliant with all relevant laws, standards and industry regulations.
  • Conduct comprehensive risk assessments to identify potential threats and vulnerabilities within the organization’s operations.
  • Assist in the development, implementation, and revision of corporate policies and procedures to align with best practices and compliance requirements.
  • Collaborate with internal and external audit teams, providing documentation and evidence as needed to demonstrate compliance and adherence to governance standards.
  • Assist in the development and maintenance of incident response plans to effectively address and mitigate security incidents or compliance violations.
  • Prepare and distribute regular reports to IT & IT Security leadership as well as business leadership summarizing risk assessments, compliance status, and recommendations for improvement.
  • Assist IT Security operations in the development and delivery of training programs to educate users on governance, risk, and compliance matters, fostering a culture of awareness and accountability.
  • Identify opportunities for enhancing governance processes and recommend improvements to reduce risk exposure and enhance operational efficiency.
  • Maintain a safe working environment.

Preferred Qualifications

  • Certifications in ISC2 CISSP and ISACA CRISC are not required, but preferred
  • Professional certifications in information security, such as ISC2 CISSP, ISACA CRISC, ISACA CISA, and ISC2 CGRC (formerly CAP) are highly desirable