Analyst: Governance, Risk, and Compliance

Engineering Remote - United States Los Angeles, California


Description

Position at J2 Cloud Services

As part of the Information Security department at Consensus, The Governance, Risk and Compliance (GRC) Analyst will be an innovative, self-driven team player who will educate, provide guidance, and drive a risk appreciation for information security and compliance throughout the company. This individual is a business partner and enabler who is seen as a trusted adviser and partner for various departments (Legal, Finance, Internal Audit, Technology, Customer Service, Marketing, etc.) and teams.

Responsibilities:

  • Provide support to the governance risk and compliance management program to achieve certifications such as ISO 27001/27002, HITRUST, NIST, SOC 2 Type 2, PCI-DSS and others as appropriate
  • Conduct security risk assessments across the organization, rank security risks, articulate risk in terms of business impact, and suggest reasonable strategies to mitigate risks.
  • Liaise closely with the Consensus Internal Audit team, business leaders, external auditors and customers.
  • Conduct acquisition target and vendor security risk assessments to provide risk-based recommendations to the organization and evaluate the company’s risk posture.
  • Serves as a company representative with prospects, customers, and partners by assisting with completing security questionnaires, assessments and audits
  • Provide Information Security consulting and security awareness education to the business
  • Develop, maintain, and enforce strong information security policies, procedures, and position papers

Requirements:

  • 3+ years in IT Systems/Information Assurance experience.
  • Demonstrated experience working with regulatory requirements and standards (PCI-DSS, SOC, HIPAA, HITRUST, ISO, BSI, GDPR etc.) and frameworks (ISO, NIST, OWASP, etc.).
  • The ability to communicate complex security risks to non-technical staff
  • Strong work ethic, attention to detail, and organizational skills
  • Ability to multi-task and manage priorities in a fast-paced environment
  • Ability to collaborate in a team setting, as well as work independently
  • Big-4/Consulting experience is preferred
  • Relevant certification(s) are preferred (e.g. CRISC CISSP, CISM, CISA, CCSK)
  • Experience with on prem and Cloud environments
  • Willingness and ability to travel domestically and internationally when needed
#J2CloudServices
#LI-MW1
#LI-Remote