Information Security GRC Analyst
Department Summary
DISH is a Fortune 200 company that continues to redefine the communications industry. Our legacy is innovation and a willingness to challenge the status quo, including reinventing ourselves. We disrupted the pay-TV industry in the mid-90s with the launch of the DISH satellite TV service, taking on some of the largest U.S. corporations in the process, and grew to be the fourth-largest pay-TV provider. We are doing it again with the first live, internet-delivered TV service - Sling TV - that bucks traditional pay-TV norms and gives consumers a truly new way to access and watch television.
Now we have our sights set on upending the wireless industry and unseating the entrenched incumbent carriers. DISH is transforming the future of connectivity. We're doing it by building the country's first virtualized, standalone 5G wireless network from scratch. The foundation of a connected world, it's a network free of the limitations of the past, and flexible enough to satisfy all the social, economic, and transformative needs of the changing world.
We are driven by curiosity, pride, adventure, and a desire to win - it's in our DNA. We're looking for people with boundless energy, intelligence, and an overwhelming need to achieve, to join our team as we embark on the next chapter of our story.
Opportunity is here. We are DISH.
Job Duties and Responsibilities
DISH Network has an exciting opportunity for an Information Security Governance, Risk, and Compliance Analyst (GRC Analyst) at our Headquarters location in Englewood, Colorado. The GRC Analyst is a key part of our Information Security and Governance, Risk, and Compliance (GRC) teams responsible for the overall security across the organization. This position is full-time with standard work hours, has no supervisory duties, and requires very little travel. We are looking for someone who can start immediately.
The GRC Analyst will be responsible for working with subject matter experts (SME), business partners, and management to evaluate information security related issues, develop remediation and mitigation plans, document policy waivers or exceptions, and track progress towards issue closure. Issues include audit findings, control gaps, policy violations, and other security related items. To be successful in the role, the Governance Analyst should be familiar with information security and risk management concepts and standards as well as a general understanding of information technology systems and terminology.
Key responsibilities:
- Support the issue management program to ensure real-time updates are made to open issues.
- Maintain the repository of logged issues and provide reporting where required.
- Review internal policies, industry standards, and relevant regulations and understand how they apply in the DISH environment.
- Guide issue documentation through approval workflows and incorporate feedback from each stage of the review process.
- Support end user questions, and conduct training related to the issue management program.
- Develop and maintain indices, glossaries and other supporting documentation.
- Publish and distribute issue management program metrics and dashboards.
- Other responsibilities as assigned.
Work attire: Business casual
Working hours: This is a full-time position: 40 hours/week. Days and hours of work are typically Monday through Friday; 8:00 a.m. to 5 :00 p.m. or 9 :00 a.m. to 6 :00 p.m.
Skills, Experience and Requirements
Education and Experience:
- Bachelor's degree with at least 4-8 years of directly related experience or equivalent education and experience in a related discipline.
- A general understanding of SOX, PCI, CPNI, CCPA, FACTA, and similar IT Compliance and Privacy regulations as well as industry standards such as NIST 800-35 and ISO 2700x is preferred.
- General understanding of mitigation methodologies and regulatory requirements about information security, privacy, and/or data security.
Skills and qualifications:
- Basic working knowledge of information security concepts and controls.
- Excellent project management skills, with the ability to work within deadlines, juggle multiple priorities, design project plans, and provide project updates.
- Ability to work independently with little direction and/or supervision.
- Superior communication skills with the ability to ask questions, escalate roadblocks early and interact effectively at multiple levels in the organization.
- Keen attention to detail with the ability to correct on the fly and work independently.
- Analytical aptitude with an emphasis on investigative, methodical critical questioning, and logical thinking; a data-driven decision maker.
- General understanding of mitigation methodologies and regulatory requirements about information security, privacy, and/or data security.
- High-level interpersonal skills.
- Professional certification (CISA, CSIM, CIA o,r similar) is highly desired. Candidates who apply will be tested in several areas, including verbal/spelling, math/logic a,nd business problem-solving, and must meet minimum standards to be considered for this position.
- Project Management
- Self-led Learner
- Customer First Mentality
- Strong Adaptability
- Process Documentation Management
- Process Mapping Development
- Presentation Skills
- Multitasking
- General Risk Management Foundation
- General Information Security Foundation
Personality:
- Requires a well-organized, cheerful, and persuasive individual, who can manage multiple priorities at once.
- Must have good meeting management and communication skills to keep conversations focused and productive.
- Must be self-driven; able to manage schedules, meet deadlines, coordinate with others, and perform tasks with minimal supervision.
- Must have the ability to work with a diverse audience, under tight deadlines, and negotiate successful outcomes to challenging problems.
Salary Range
Compensation: $106,000.00/Year - $145,000.00/Year
Compensation and Benefits
We also offer versatile health perks, including flexible spending accounts, HSA, a 401(k) Plan with company match, ESPP, career opportunities, and a flexible time away plan; all benefits can be viewed here: DISH Benefits .
The base pay range shown is a guideline. Individual total compensation will vary based on factors such as qualifications, skill level, and competencies; compensation is based on the role's location and is subject to change based on work location. Candidates need to successfully complete a pre-employment screen, which may include a drug test and DMV check.