Apply on Employer Site

CMC · 7 hours ago

IT Security Analyst

Irving, TX

Full-time

Onsite

Entry, Mid Level

2+ years exp

CMC is a Fortune 500® company at the forefront of the construction reinforcement and steel industry. The IT Security Analyst role focuses on conducting internal audits, supporting compliance with IT security policies, and managing risks associated with IT security across the organization.

AgricultureConstructionIndustrial EngineeringIndustrial ManufacturingManufacturingRecyclingRetailTransportation

H1B Sponsor Likely

Responsibilities

Internal Audits: conduct and support internal IT security audits to ensure compliance with organizational controls, policies, and regulatory requirements

Internal Audits: Provide guidance and support to IT teams in implementing security controls and mitigating risks in their respective areas

SOX Auditing: Complete and support SOX (Sarbanes-Oxley) compliance audits, ensuring adherence to financial and IT controls. Complete (as scheduled) audit requests and activities

SOX Auditing: Coordinate the provisioning of audit evidence during period of audit. Partner with Internal Audit and IT management teams to resolve/mitigate any findings, as needed

SOC Reports Review: Review and assess SOC 1 and 2 reports to ensure external service providers meet security and compliance standards

Third-Party Vendor Reviews: Conduct thorough security assessments of third-party vendors to mitigate risks associated with external partnerships

GRC Tools: Utilize GRC tools to streamline and automate all aspects of the process. (governance, risk management, evidence collection, and compliance processes)

Risk Management: Collaborate with cross-functional teams to establish and maintain effective risk management processes related to IT security

Policy development and maintenance: Provide oversight in Policy design and content review for IT related policies

Monitor and report: Maintain compliance reporting about IT Security policies, standards, and regulations. Construct metrics to explain progress to senior management and relevant stakeholders

Participate in incident response activities, including investigating security incidents and breaches, and implementing remediation measures, as necessary

Foster a culture of security awareness and compliance across the organization through training, awareness programs, and regular communication

Qualification

IT security governanceRisk managementIT security assessmentsGRC toolsCISSPCISMCRISCAnalytical skillsVendor relationship managementCommunication skillsCollaboration

Required

Proven experience (2 years) in IT security governance, risk management, or related fields

Strong understanding of IT security principles, standards, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, GDPR)

Experience with conducting IT security assessments, audits, and risk assessments

Excellent analytical and critical thinking skills, with the ability to prioritize and manage multiple tasks simultaneously

Effective communication skills, with the ability to convey complex technical information to non-technical stakeholders

Demonstrated ability to work collaboratively in a cross-functional team environment

Experience with IT Security/GRC tools and automation technologies

Demonstrated ability to effectively collaborate with and influence a variety of internal stakeholders

Strong verbal and written communication skills with the ability to create and effectively deliver information and facilitate presentations

Able to partner with various parts of the business to identify and achieve goals

Makes effective, fact-based business decisions and recommendations

Recognizes problems, identifies opportunities, and suggests solutions for improvement

Seeks opportunities for learning/growth and is open to feedback

Able to balance tactical decisions with bigger picture

Is results focused; set exacting standards for self and others

Is open to and supports organizational changes

Demonstrates commitment to focus on customer service

Willingness and ability to make quick and effective decisions

Vendor Relationship management

Bachelor's degree in computer science, Information Technology, or related field

Preferred

Advanced degree or professional certifications (e.g., CISSP, CISM, CRISC)

Benefits

Day 1 Benefits Coverage with low cost Medical, Vision, Dental

Day 1 Paid-time Off and Vacation

4.5% Company Match 401(k) plan

$500 Annual Company-paid Lifestyle Benefit

Competitive Compensation and Bonuses

Company-paid Life and Disability Insurance

Employee Stock Purchase Plan

Training and Advancement Opportunities

Company

CMC

Glassdoor3.9

CMC is a steel and metal products company that recycles scrap metal, manufactures steel, and fabricates construction materials.

Founded in 1915

Irving, Texas, USA

10001+ employees

https://www.cmc.com

H1B Sponsorship

CMC has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (2)

2022 (1)

Funding

Current Stage

Public Company

Total Funding

$902M

Key Investors

West Virginia Economic Development AuthorityMaricopa County Industrial Development Authority

2025-11-13Post Ipo Debt· $2M

2025-05-06Post Ipo Debt· $150M

2022-02-01Post Ipo Debt· $150M

Leadership Team

Peter Matt

President and Chief Executive Officer

David Miller

Co-Founder - Program Manager

Recent News

PR Newswire

CMC Reports First Quarter of Fiscal 2026 Results

2026-01-09

Investing.com

Commercial Metals rises over 2% on strong Q1 earnings beat, revenue growth

2026-01-09

Tech in Asia

Vietnam’s digital tech sector hits $198b revenue

2026-01-08

Company data provided by crunchbase