Jenzabar · 1 day ago
Senior Security Analyst – Risk and Compliance
Maximize your interview chances
CRMEducation
No H1B
Insider Connection @Jenzabar
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Lead centralized audit and IT compliance support in the facilitation of all audit and other customer assessment requests and remediation efforts. Primary audits currently include SOC 2, PCI-DSS, HECVAT, and TX-RAMP/State-RAMP.
Creating and maintaining IT Governance frameworks, policies, standards and procedures, and response plans.
Drive consistency in the way IT/Security risks are identified, controls are implemented and monitored and share best practices and learnings across the company.
Analyze current IT/Security risks and identify/monitor emerging risks which can affect the company and work with leaders and IT managers to ensure existing and emerging risks are understood and appropriate mitigations are implemented.
Lead IT/Security risk and governance program activities, such as risk assessments, risk exceptions, risk ratings, risk mitigation and remediation recommendations.
Document the company’s remediation efforts for IT/Security risk exposures, gaps, and deficiencies, and complete remediation validation to assess effectiveness of improved controls.
Work with leadership to create, maintain, and present Key Risk and Performance Metrics (KRI/KPI).
Identify and resolve technical, operational, risk management, and organizational challenges.
Collaborate on developing and implementing a centralized audit evidence repository and GRC tools.
Facilitate and oversee training to address identified weaknesses in team member knowledge of requirements, policies, or procedures, and to foster a culture of compliance.
Provide support in documenting technology controls and technological landscape.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Bachelor’s Degree in Information Technology or Information Security related field.
5+ years of experience working with governance, risk, and compliance within Information Technology and/or Information Security.
Strong project management skills with inherent ability to drive multiple programs, stakeholders, and teams towards organizational goals.
Experience developing frameworks and processes to drive a risk-based approach to incorporating standard frameworks such as COBIT, ITIL, ISO, COSO, and NIST into an enterprise compliance management process.
Experience with policy and control development as it relates to meeting compliance requirements from relevant regulations.
Ability to influence others at senior levels and establish credibility and working relationships with a wide range of corporate personnel, including technical operations, management, and executives as well as internal audit and external regulators.
Capable of establishing and maintaining an effective program structure that emphasizes the coordination of resources across projects, managing deliverables between projects, and the overall costs and risks of the compliance programs.
Experience with the development of formal written reports to communicate audit results and recommendations to management and business stakeholders.
Ability to facilitate productive meetings and work successfully in a team-oriented environment.
Strong ability to handle multiple competing priorities in a fast-paced environment.
Preferred
Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar certification preferred.
Benefits
Medical Insurance
Life Insurance
Dental Insurance
Vision Insurance
Paid Vacation
Paid Sick Days
Paid Parental Leave
Paid Holidays
Short Term Disability
Long Term Disability
401K
Educational Assistance
Company
Jenzabar
Jenzabar provides software, strategies, and services for the administration of higher education institutions.
Funding
Current Stage
Late StageTotal Funding
$60MKey Investors
Omnicom Group
2000-04-13Private Equity· $60M
Recent News
2024-04-23
Company data provided by crunchbase