Senior Analyst, IT Governance, Risk, and Compliance (GRC) at Prologis
Prologis is the global leader in logistics real estate. We own, manage and develop high-quality properties in the world’s most vibrant centers of commerce, approximately 990 million square feet in 19 countries. Some of the world’s largest brands (e.g., Amazon, BMW, DHL, FedEx, Pepsi) turn to us because they know an efficient supply chain will make their businesses run better, and a strategic relationship with Prologis will create competitive advantage. As the top ranked U.S. company and sixth overall among the Global 100 Most Sustainable Corporations in the World, we take our global footprint seriously.
Job Title: Senior Analyst, IT Governance, Risk, and Compliance (GRC)
Do you want to play a role in global commerce?
The IT Governance, Risk, and Compliance (GRC) Senior Analyst will assist with maturing the IT GRC function at Prologis by supporting the assessment and mitigation of key risks in the Prologis environment. This position is focused primarily on issues in the GRC domains of risk management, compliance management, and vendor management. The person in this role will work closely with individuals across the organization to understand business needs and recommend and implement new or enhanced requirements/controls. This role resides within the IT Governance team.
What’s needed in order to do that:
- Perform IT risk assessments and recommend risk mitigation strategies
- Assist with development and management of insider threat risk mitigation controls
- Assist with legal hold, eDiscovery, and inter-department investigations
- Identify recurring problems and risks and recommend proactive measures to eliminate them
- Perform annual maintenance and audit of NIST Cybersecurity Framework (NIST CSF) across organization
- Assist with implementing controls consistent with NIST CSF
- Maintain awareness of laws, rules, and regulations governing IT risk, compliance, audit, privacy, and security in the Prologis environment
- Incorporate global privacy laws and regulations for the markets in which Prologis operates
- Provide assistance with regulatory and risk management activities across IT functional areas
- Work with IT and business teams to ensure systems and application compliance
- Assist with IT SOX Audit
- Assist with maturing and managing the third-party risk management function including understanding business goals, administering vendor security questionnaires, obtaining and reviewing supporting documentation, and documenting results and recommendations
- Contribute to creation and maintenance of the evolving GRC roadmap
- Use market research, stakeholder feedback, and analytic data to understand business needs and identify new requirements
- Remain current on emerging security and privacy risks, trends, and technologies and share key findings with team
- Assist with documenting, implementing, and communicating IT policies and procedures
- Support and enhance IT policies and processes for data security and privacy
- Assist with selecting and implementing GRC software
- Support projects focusing on control processes, documentation, and compliance routines
Tell us if you’re ready
- College degree or 3 years of experience in audit or compliance
- 3+ years of experience in IT GRC, IT security, privacy and/or IT audit role
- Self-led learner
- Strong analytical, organizational, and interpersonal skills
- Strong communication skills needed in presenting control and risk matters in an understandable way across various forums and levels of the organization with the right level of detail
- Show tact, discretion, confidentiality, and good judgement in handling sensitive and confidential matters and documentation
- Strong adaptability to shifting corporate and regulatory environment
- General knowledge of global privacy standards
- General risk management and information security knowledge
- Relevant certification or ability to acquire within 12 months of employment (i.e. CISA, CRISC, CIPP/US/EU)
- Experience applying controls in a cloud environment
- Experience working with the NIST CSF, HIPAA Privacy & Security rule, GDPR, other international and US state privacy laws
Hiring Salary Range of $91,000 - $114,000. Salary and whole compensation package (bonus target) to be determined by the candidate’s education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data.
All full-time roles in the US come with a robust benefits package which includes healthcare, dental, and vision insurance for employees and eligible dependents. Prologis also offers several other wellness, financial, and work/lifestyle-specific benefits. Our 401(k) retirement plan has a company match of 50% up to 12% of eligible compensation. We also offer generous PTO with a starting accrual of 22 days a year in addition to paid holidays and volunteer time.
Each of us working at Prologis plays an essential role in the enduring success of our company. We value people who are decisive, courageous and adaptable. While we are one company, locations and departments operate with autonomy and accountability. Individuals take the initiative here.
When you join Prologis, you work shoulder to shoulder with some of the top talent in the industry to do the best work of your career. Every employee belongs. Every employee contributes. Employees advance their careers here.
As a successful global enterprise, Prologis has never lost sight of what matters most, our strong belief that our people are the most important part of our business. And because of that, we provide a generous total rewards package and take a lot of time to focus on quality management and leadership development. People come first here.
All job offers are contingent upon successful completion of drug screen and background verification. Prologis is an Equal Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability status, protected veteran status, or any other characteristic protected by law.
Employment Type: Full time
As a condition to the commencement of your employment, Prologis requires proof of full vaccination against COVID-19. You are considered fully vaccinated two (2) weeks after your second dose in a two-dose series, such as the Pfizer or Moderna vaccines, or two (2) weeks after a single-dose vaccine, such as the Johnson & Johnson vaccine. In addition, due to how highly transmittable the Omicron variant is, we are now requiring all employees to get a vaccine booster when eligible. Prologis will consider requests for a reasonable accommodation as to the vaccination requirement on the basis of a disability or sincerely-held religious belief in accordance with applicable law.