Governance, Risk and Compliance (GRC) Security Analyst - HYBRID

About the position The Governance, Risk and Compliance (GRC) Security Analyst will assume, but not be limited to, the following responsibilities: Performs security assessments to determine effectiveness of implemented security controls. Assesses the security posture of systems throughout their life cycle. Leads management on risks and actions to monitor, remediate & report via the risk register. Assists with third party and supplier risk management programs and assessments. Assists in the analysis, controls, and management of risk assessments for the BSA/AML program, Identity Theft & Red Flags and other risk assessments as Assists with outside audit and certification activities including management of security questionnaires. Designs and conducts training for computer security education and awareness programs. Work effectively with IT vendors and managed services partners. Responsibilities • Performs security assessments to determine effectiveness of implemented security controls. • Assesses the security posture of systems throughout their life cycle. • Leads management on risks and actions to monitor, remediate & report via the risk register. • Assists with third party and supplier risk management programs and assessments. • Assists in the analysis, controls, and management of risk assessments for the BSA/AML program, Identity Theft & Red Flags and other risk assessments as • Assists with outside audit and certification activities including management of security questionnaires. • Designs and conducts training for computer security education and awareness programs. • Work effectively with IT vendors and managed services partners. Requirements • B.S. or equivalent in Computer Science, Information Science & Technology, or related field. • 3+ years of experience in governance, risk, compliance, audit or information security within a regulated financial services environment. • Experience in GLBA and Credit Union Compliance • Working knowledge of NIST SP 800 series, ISO/IEC 27000 series, and similar standards. • Excellent verbal and written communication skills. • Excellent oral, written and interpersonal skills with the ability to influence and work effectively with diverse groups of peers and business partners • Detail oriented with a demonstrated ability to work on multiple tasks simultaneously with strong organizational and prioritization skills Nice-to-haves • CISSP, CISA,or CISM preferred. • Other information security certifications highly desired. Benefits • Medical, dental, and vision insurance • Life insurance • 401k Retirement Plan (matching contribution=5%, immediate vesting) • Paid Time Off (PTO) • Paid Holidays • Educational Reimbursement Apply tot his job