The Cyber GRC Analyst will report to the GRC leader and will support the execution of the Cyber Risk and Compliance Management program across the organization. This individual will contribute to the execution of risk assessments, compliance assessments, and security awareness related activities as needed. This person will be required to acquire an understanding of the people, process, and technology ecosystem, the cybersecurity domains, and their inter-relations across that ecosystem. The role will involve regular interaction with IT & engineering teams outside of Governance & Risk, collaborating with Enterprise Security, Engineering teams, Technology Services, and Application Security teams, to name a few.
location: FRAMINGHAM, Massachusetts
job type: Contract
salary: $55 - 70 per hour
work hours: 9am to 5pm
- Contribute to the cyber security risk assessment of products and technology solutions based on the Risk Management Framework.
- Contribute to the execution of the Third-Party Risk Management program. Conduct Third-Party risk assessments based on compliance reports, external risk ratings, security questionnaires, and supporting evidence.
- Coordinate and track information technology and security related audits, including scope of audits, units involved, timelines, auditing agencies, and outcomes.
- Coordinate and conduct internal compliance assessments based on the organization's control framework. Assess, evaluate, and make recommendations to management regarding the adequacy of the security controls in products, processes, and technology solutions.
- Contribute to the building and execution of the Security Awareness program.
- Contribute to the development, building, and reporting of key performance and risk indicators.
- Educational Requirements: A Bachelor's Degree in Computer Science, Information Technology/Management, or a related field is highly desired but not required
- Knowledge of security frameworks:
  - NIST Cybersecurity Framework
  - ISO 27001 Standard
- Experience with risk assessment methodologies:
  - Asset based risk assessments
  - Process based risk assessments
  - Threat based risk assessments
  - Controls assessments
- 2+ years of industry experience
- Strong organizational skills to juggle multiple tasks within the constraints of timelines
- Ability to work and thrive in a fast-paced environment, learn rapidly and master diverse technologies and techniques
- Strong written and oral communication skills
- CompTIA Security+
- Experience level: Experienced
- Minimum 2 years of experience
- Education: Bachelors (required)
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
At Randstad, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.
Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad offers a comprehensive benefits package, including health, an incentive and recognition program, and 401K contribution (all benefits are based on eligibility).
For certain assignments, Covid-19 vaccination and/or testing may be required by Randstad's client or applicable federal mandate, subject to approved medical or religious accommodations. Carefully review the job posting for details on vaccine/testing requirements or ask your Randstad representative for more information.