IT Security Analyst

Role Summary:

The IT Analyst, Security GRC role will be directly involved in assisting with the growth and maturity of the Governance, Risk and Compliance (GRC) areas at our client. The ideal candidate will take direction from leadership to help develop the maturity and awareness of the governance program within the organization.

Responsibilities & Essential Functions include:

1. Project Implementation. Complete assigned tasks that assist with the implementation of various projects. Develop and review project documentation, including requirements when applicable.
2. System Maintenance. Perform the maintenance of systems and technologies. Respond to reported application issues.
3. Application Administration. Assist system administrators in the setup of assigned applications. Administer security and systems interfaces.
4. Internal Support. Support the various IT systems with lifecycle management of assigned and dependent applications.
5. Documentation. Support the controlled document life cycle/retention procedures. Create documentation for relevant applications and programs. Ensure documentation is current and accurate. Documentation may include project documents, control processes, policies, standards, procedures, and templates.
6. Testing. Test application upgrades before releasing to production. Provide recommendations for application system upgrades and enhancements.
7. Training. Assist with the development of training material. Provide training to staff and other departments related to application changes, document control processes, program updates, and other relevant content.
8. On-Call Support. Provide on-call support during non-business hours to Operations on an as-needed basis.
9. Customer Service. Provide exceptional customer service.
10. Process Improvements. Assist with identifying potential opportunities to increase efficiencies and/or improvements to existing processes. Help identify gaps in the current business model and propose processes that will help move the business forward.
11. Other duties as assigned.

Position Requirements:

1. Bachelor’s degree in computer science or business desired, or equivalent combination of education, training, and experience.
2. 1-3 Years of Governance, Risk and Compliance experience.
3. Certification in at least one of the ISC2 series, ISACA series, SANS series, CompTIA Series, or Security + is required for this position.
4. Assist with the establishment, execution, and maintenance of document control processes.
5. Prepare policies, standards, procedures, and other guiding documents to support Information Technology (IT) and Operational Technology (OT) governance.
6. Evaluate existing documentation to ensure content is current and adheres to defined operating models.
7. Identify and mitigate gaps in regulatory documentation readiness through defining source documents, creating report templates, identifying best practices, etc. in collaboration with primary stakeholders.
8. Collaborate with cross-functional teams, stakeholders, and subject matter experts to gather input, feedback, and requirements in support of the IT/OT governance program.
9. Monitor and advise on pertinent policy requirements that impact the program.
10. Proofread, edit, and format technical documentation.
11. Provide policy updates in regular status reports.
12. Review and/or copy edit content developed by other members of the team.
13. Train staff and other departments on document control processes and procedures as applicable.
14. Assist with audit activities.
15. Serve as a representative on relevant projects, demonstrating ability to manage project activities, assess regulatory risks & development plans in accordance with regulatory, scientific & technical criteria.
16. Ability to travel up to 20% domestically and internationally.