Senior Information Security Governance, Risk, and Compliance Analyst @ Hexagon Asset Lifecycle Intelligence | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
Senior Information Security Governance, Risk, and Compliance Analyst jobs in Madison, AL
66 applicants
expire-info-iconThis job has closed.
job-post-linkOriginal Job Post
company-logo

Hexagon Asset Lifecycle Intelligence · 2 days ago

Senior Information Security Governance, Risk, and Compliance Analyst

positionMadison, AL
timeFull-time
remoteRemote
senioritySenior Level
date8+ years exp

Wonder how qualified you are to the job?

ftfMaximize your interview chances
Software
check
Actively Hiring
Hiring Manager
Jessica Stone, PHR, CTR
linkedin

Insider Connection @Hexagon Asset Lifecycle Intelligence

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Support the development, implementation, and maintenance of the information security risk and controls program.
Support the implementation and testing of a comprehensive information security controls framework while developing innovative risk mitigation strategies with cross-functional teams.
Govern and report on findings, tracking status, and ensuring corrective actions are complete and sustainable.
Communicating with technical and non-technical stakeholders and leaders on information security risk and controls management topics and program-specific reporting
Staying up to date on current cybersecurity threats, vulnerabilities, trends, and best practices to proactively evolve the information security risk and controls program.
Support information security risk identification & assessment, response & mitigation, control monitoring & reporting.
Gather and evaluate information, including supporting auditors, investigations, and customer requests.
Develop and perform tests, to evaluate the design and effectiveness of key controls as is necessary for compliance.
Review test findings, identify control weaknesses, present results, and recommend actions to remediate issues.
Assist is the completion of customer questionnaires.
Assist on root cause analysis on incidents to determine underlying causes.
Participate in the company’s business continuity plan and cyber security table-top exercises.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information securityGRCISO 27001CIS ControlsNIST 800-171CMMCTISAXGDPRIT securityTechnology controlsCyber securityInfrastructureCloud servicesInternal controlTesting techniquesData analysisEnglish fluencyCommunicationPresentationRelationship managementCertifications CRISCCertifications CISSPCertifications CISMCertifications CISACertifications CCSPCertifications ISO 27001 Lead AuditorProject ManagementGRC Systems ProficiencyProblem-SolvingAdaptability

Required

Bachelor's Degree in computer science, computer engineering, management information systems, information technology or a similar field. An equivalent combination of education, certifications and experience may substitute for a degree
Minimum 8 years in an Information Security GRC function with expertise and accomplishments directly relevant to the position
Knowledge and experience of information security standards and compliance requirements such as ISO 27001, CIS Controls, NIST 800-171, CMMC, TISAX, GDPR, etc.
IT/Information security technology and controls experience (e.g., cyber security, network, infrastructure, applications, cloud services, projects, etc.)
Internal control implementation, including the evaluation of the design and operating effectiveness of controls
Advanced knowledge of testing techniques and data analysis principles, as well as the ability to interpret results
Advanced-level communication, presentation, and relationship management skills with technical and non-technical audiences
Ability to travel internationally
English (fluent written and verbal)
Citizenship Requirement: Due to the nature of this position and its involvement with government-related contractual obligations, applicants must be U.S. citizens.

Preferred

One or more relevant certifications (e.g., CRISC, CISSP, CISM, CISA, CCSP, ISO 27001 Lead Auditor)
Drive multiple projects, achieve key milestones, with ability to reprioritize work in a fast-paced environment
Sustain effective engagement and take ownership, demonstrate a sense of urgency, and ensure accuracy and quality
Proficiency with GRC systems

Company

Hexagon Asset Lifecycle Intelligence

twittertwittertwitter
Glassdoor
3.9
company-logo
Hexagon’s Asset Lifecycle Intelligence division helps clients design, construct, and operate more profitable, safe, and sustainable industrial facilities.
dateFounded in 2017
location
Madison, Alabama, USA
people-size10,001+ employees
web-link
https://hexagonppm.com/

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Melanie Eakes
Executive Vice President & Chief Technology Officer
linkedin
leader-logo
David Cryer
Senior Vice President & Chief Marketing Officer
linkedin
Company data provided by crunchbase
logo

Orion

Your AI Copilot