Connexion’s mission is to provide "best in class" services to job seekers. We strive to achieve excellence in job placement, staffing, and recruiting services, while treating candidates with the professionalism and respect they deserve.
Title: GRC Security Analyst – Enterprise Information Security
Hiring Organization: Connexion Systems & Engineering
Compensation, Benefits, and Employment Type
- Duration – Contract – 6 months +
- Pay rate: $50/hr.
- Job Location: Bedford, MA
- Job#: bh12728
GRC Security Analyst, Enterprise Information Security
We are looking for a GRC security analyst who will be a key member of our Enterprise Security Team. This position will conduct supplier security (3rd party) assessments, design and author information security policies, and conduct compliance assessments of policies and supplier security risk mitigations. The complexity of this position requires an approach that is disciplined, detailed and collaborative, with the ability to work with our security managers, IT infrastructure, privacy and business teams, and suppliers. This position will report to the Senior (GRC) Manager, and will be in Bedford, MA.
- Conduct supplier security assessments in accordance with our due-diligence process and priorities established by Senior GRC Manager.
- Collaborate/Liaise with Supplier Board members, enterprise security managers, IT system and business process owners.
- Execute information risk-management lifecycle of 3rd party risks.
- Record-keeping of assessment artifacts.
- Conduct compliance monitoring of supplier related mitigations.
- Author policies to ensure ongoing maintenance of security.
- Develop procedures intended to sustain the security of the company’s data and access to its technology and communications systems. Ensure the distribution and communication of these procedures in appropriate systems and media.
- Excellent written and oral communication skills.
- 2-3+ years in a Security Governance, Risk and Compliance (GRC) function.
- Demonstrated experience with conducting a wide variety of 3rd party assessments (professional services, applications: on-premises, SaaS and cloud hosted).
- Experience with supplier assessments in manufacturing sector is a plus.
- Candidate has in-depth knowledge of security domains (Application Security, Cloud Security, Data Protection, Identity and Access Management, Vulnerability Management).
- Understanding of prevailing information security threats and risks.
- Knowledgeable of CIS-Top 20, ISO 27001 security controls.
- Knowledgeable of PCI-DSS, Data Privacy (GDPR, CCPA), Sarbanes-Oxley and other regulatory standards.
- Up-to-date knowledge of information security issues, trends, and leading practices.
- Expertise in security policy development.
- Must have a solid understanding of information technology and information security.
- Bachelor’s in Computer Science, Business Administration, and/or Information Systems preferred.
- Relevant security or risk management certifications a plus.
Please use the apply button to submit your resume for consideration. A Connexion Representative will contact you immediately.
When responding to this job posting you MUST include the Job# and Job Title in your subject line.
If you are active in a job search but this job is not for you, please reach out to email@example.com. We would be glad to help you find the perfect job!