IT GRC Analyst
The IT GRC Analyst will provide Governance, Risk and Compliance support to the IT Security and Compliance team. This position will report to the IT GRC Manager and will be based at Cork office located in Ireland.
RESPONSIBILITIES AND DUTIES:
- Identify and document business risks, and coordinate remediation of vulnerabilities and threats using repeatable risk assessment methodologies and processes. This may include producing and analyzing output from infrastructure, database, data classifications or web application vulnerability assessments and developing spreadsheets, diagrams, Word documents and reports as requested.
- Communicate effectively with management, engineers, customers and others regarding the need of information security and to help them learn their roles and responsibilities in the implementation and maintenance of appropriate controls to mitigate significant risks
- Train assigned team members on security best practices
- Identify and communicate recommended security and control deficiencies for business units. Document and monitor the implementation of controls for technology and business project plans.
- Drives Information Security Compliance and Governance program
- Develops and maintains a data inventory, conducting regular reviews and risk assessments.
- Develops, implements and maintains the data security plan according to Information Security Leadership guidance.
- Maintains contact and coordination with internal/external audit and prepares responses to audit reports.
- Provides guidance and risk assessments of new and existing solutions, services, and business processes.
- Becomes an expert and provides direction around the administration of the GRC platform to ensure compliance program operates efficiently with minimal impact on control owner
- Develop policy documents with supporting procedures in support of compliance programs
SKILLS, KNOWLEDGE AND ABILITIES:
- A Bachelor’s Degree (or equivalent) and 3+ years of experience in one of the following functions: Corporate/Risk Governance, Compliance, Project Management or related areas.
- 3 years of security, information technology or technology risk management related work experience.
- Knowledge and/or experience with LANs, WAN, VPNs, Routers, firewalls, and IDS/IPS systems desired.
- Strong communication and organizational skills, ability to multi-task, strong attention to details, excellent problem solving and follow-up skills required.
- Work independently, make decisions and multi-task effectively in a very diverse, project oriented environment.
- Two years of GRC experience with a strong understanding of how to design and execute compliance activities
- Excellent written communication and time management abilities
- Program Management (using frameworks, establishing policies and controls for compliance requirements)
- Comfort working with a globally dispersed team relying heavily on communication/collaboration tools
Logitech is the sweet spot for people who are passionate about products, making a mark, and having fun doing it. As a company, we’re small and flexible enough for every person to take initiative and make things happen. But we’re big enough in our portfolio, and reach, for those actions to have a global impact. That’s a pretty sweet spot to be in and we’re always striving to keep it that way.
“All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.”