Sr Analyst, IT Risk & Compliance

Technical Knowledge:

• The candidates MUST possess a solid working knowledge of:
• • Data privacy laws (GDPR & CCPA) and best practices.
  • Data discovery, classification, cataloging, and protection methodologies and tools such as OneTrust.
• Control frameworks and control objectives (ex NIST Privacy Framework, NIST CSF, NIST RMF, PCI-DSS, SOX, COSO, COBIT and ISO 27001, etc.)
• Operating systems, databases and middleware components.
• Conducting compliance and risk assessments.
• Management of IT and security projects.

• The candidates MUST possess familiarity and basic working knowledge of:
• • Broad range of IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption and key management, logging and monitoring and application security.
  • IT asset management utilizing ServiceNow (or other) Configuration Management Databases (CMDB) and network asset discovery tools.
  • Cloud-based environments and technologies with associated auditing methodologies.
  • Microsoft Office tools (Word, Excel, and PowerPoint)

Work Environment Characteristics:

• Self-motivated and results-oriented, including the ability to prioritize conflicting demands.
• Exceptional organizational skills to balance work and lead projects.
• Strong verbal and written skills.
• Candidate must be outgoing and service-oriented.
• Candidate must be able to build consensus, collaborate, and build strong relationships. with various internal and external stakeholders (business, development, security, etc.)

• Ability to adapt and apply information to new scenarios and technologies.