Senior Cyber GRC Analyst

| Greater Denver Area
Sorry, this job was removed at 12:15 p.m. (MST) on Thursday, December 19, 2019
Find out who's hiring remotely in Greater Denver Area.
See all Remote Cybersecurity + IT jobs in Greater Denver Area
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

This role reports to the VP, Information Security and performs internal audits, risk assessments and third-party vendors reviews to ensure compliance to company security policies. Responsible for supporting the business in fulfilling security information requests associated with Proposals (RFP), questionnaires, sales questions, third party risk assessments and audits. Reviews customer and prospect contracts and provides suggested alternatives regarding client requested contractual security requirements. Collaborates with Sales, Legal, Customer Success and Engineering to build and maintain an in-depth understanding of each areas environment and security controls to ensure timely and accurate responses to security information requests. Determines what information can be shared with customers and external parties at different phases of the client relationship to provide assurance with the Security Program, without compromising the IT Security posture of the organization.

Key Responsibilities:

Internal Audit, Compliance and Risk Assessments

  • Conduct scheduled internal audits as per prescribed Cybersecurity Frameworks
  • Prepare and lead Cybersecurity Framework audits driving compliance
  • Perform risk assessments related to infrastructure, platforms and applications as per risk management framework
  • Configure and implement tools to manage, monitor and escalate internal risks 

Customer security risk assessments  

  • Review and edit security questionnaires and RFPs as well as fielding questions detailing security capabilities.
  • Lead prospect, customer and third-party security meetings reinforcing the businesses security and compliance program.

Contract reviews

  • Hands-on iterative review of security/compliance aspects of new and renewed customer contracts.
  • Provides suggestions and contract redlines regarding what security terms we can accept from clients.

Third Party Risk Management

  • Lead vendor and third-party risk management process

Minimum Qualifications:

  • Knowledge in auditing security frameworks that may include ISO 27001, SOC 2 and HITRUST.
  • Contract Management, Information Technology, IT Risk, IT Audit, InfoSec or similar experience required.
  • Excellent attention to detail required and strong issues spotting, drafting and communication skills required.
  • Must be client service focused with ability to successfully partner with internal stakeholders.
  • Must be able to multi-task and independently manage workflow / priorities and solve problems within company guidelines.

 Preferred Qualifications:

  • Knowledgeable in security best practices (ISO 27001, SOC 2, HIPAA, etc.)
  • Knowledgeable of privacy best practices (Privacy Shield, GDFR, Safe Harbor, etc.)
  • Familiarity with systems and tools including: IDS/IPS, HIDS, SIEM, AV, vulnerability assessments, etc.
  • CISSP, CISM/CISA, CRISC or other industry InfoSec certification a plus

 About Convercent:

Robust. Agile. Collaborative. And you should see our software. Bringing the transformative power of the cloud to the compliance and ethics industry, Convercent's award-winning SaaS solution empowers our customers to be more effective and efficient in managing their compliance efforts and mitigating risk. With an inclination towards innovation, Convercent is helping our customers raise the standard--and expectations--for how companies safeguard their financial and reputational health. 

Convercent is an equal opportunity employer and all qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.


Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.

Location

RiNo/Cole @Industry Rino Station

Similar Jobs

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about OneTrustFind similar jobs