Security Analyst (GRC Analyst) (Advanced) Job at V2Soft, Boca Raton, FL

NTBrYzdRWk00V0YwU1JKeWZpMDlCMFFrTUE9PQ==
  • V2Soft
  • Boca Raton, FL

Job Description

V2Soft ( ) is a global company, headquartered out of Bloomfield Hills, Michigan, with locations in Mexico, Italy, India, China, and Germany. At V2Soft, our mission is to provide high-performance technology solutions to solve real business problems. We become our customer's true partners, enabling both parties to enjoy success. We are committed to promoting diversity in the workplace and believe it has a positive effect on our company and the customers we serve.

Job Summary:

The management, assessment, and mitigation of risks are fundamental components of our information assurance and cyber security program at the client. This position leads the IT security risk and audit program for information systems security using generally accepted standards and frameworks for IT audit and risk management (e.g., NIST, ISO, PCI, and ISACA). The position is responsible for the development and implementation of the IT security risk and audit strategy that perform information systems and business process risk assessments and evaluate the effectiveness of technical, physical, and administrative controls to identify control weakness. This individual will interface with the Security Operations, IT Operations, and various business units to:

Perform PCI, SOC2, ISO, and applicable client cybersecurity controls-related reviews to ensure that current, new, and technology infrastructure complies with these standards and Department's security policies.

Plan and perform IT security controls effectiveness. Manage remediation efforts for the identified gaps including assessment of new or enhanced implemented controls.

Maintain IT security risk and compliance matrix and performs management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies

Maintain Third Party Risk Management Program (TPRM) and analyze SOC-2 and other reporting including mapping to key IT security and compliance controls such as NIST, PCI, and COBIT.

Manage IT security vulnerabilities management program aligned with PCI and NIST standards.

Identifying and ranking the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and assets are the most important.

For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs.

Identifying cost-effective actions to mitigate and reduce risk. These actions can include implementing new organizational policies and procedures as well as the design of technical or physical controls.

Coordinating, tracking, and verifying remediation of audit findings.

Documenting the results and developing a plan of action and milestones for mitigating any identified risk.

Produce formal audit reports based on ISACA Audit Standards.

Promotes compliance with regulatory requirements (e.g. PCI DSS) and IT best practices.

GRC Risk Analyst Skills & Requirements:

7-10 years of IT Audit experience (CISA certified preferred)

3 years of IT Risk Management lifecycle experience

3 years of hands-on technical experience (e.g. developer, system administrator)

Experience working with NIST 800-30 Risk Assessment Standard

Extensive experience with IT General Controls evaluation and design

Advanced skill level in business process mapping and documentation as well as policy and procedure development

Recent experience in Information Security with up-to-date knowledge of the current threat landscape.

Solid understanding of PCI DSS standards

Education and Certifications:

Bachelor's Degree in Computer Science, Information Systems, Business Administration, or other related field and/or equivalent work experience.

CISA and CISSP certifications (preferred).

V2Soft is an Equal Opportunity Employer ( EOE).

- to view all of our open opportunities and to learn more about our benefits.

Job Tags

Permanent employment, Work experience placement,

Similar Jobs

Boston Globe Media Partners

Full Time Sports Multiplatform Editor Job at Boston Globe Media Partners

 ...seeks an experienced copy editor to work full-time on its Boston-based sports desk as it edits and prepares copy for publication on all platforms, including our website, printed newspaper, social media, and newsletters. Responsibilities Work shifts, depending on... 

DISH

Cable Technician Job at DISH

 ...year and $9,100 each following year! Paid training, paid time off & paid holidays 4-day work week with opportunities to work overtime Medical, Dental, Vision and Life Insurance packages and Health Savings Account Free DISH TV programming at a value of $114.99/month at your... 

Phillips Academy

Campus Safety Officer Per Diem Job at Phillips Academy

 ...Job Description Job Description Phillips Academy seeks candidates for the position of Per Diem Public Safety Officer . Primary responsibilities include protecting members of the Phillips Academy community and its property. The Public Safety Officer responds to requests... 

LingoCircle

Online English Teacher Job at LingoCircle

 ...Online English Teachers (part-time)$20-$25 per hour Job description: As a LingoCircle instructor, you will teach children 3 to 15 years old remotely using a communicative method, leveraging your creativity to maintain high levels of motivation and engagement with... 

Associate Vet Position at private practice with great pay, N...

Associate Vet Position at private practice with great pay, NO WEEKENDS Job at Associate Vet Position at private practice with great pay, N...

 ...a splenectomy or pyometra in under 30 minutes. If surgery isn't your thing, you don't have to do it here and it won't affect your pay/schedule! Our highly trained staff includes certified veterinary technicians so you can focus on practicing quality medicine. Dr...