We are seeking a highly skilled and motivated Security Generalist with expertise in Governance, Risk, and Compliance (GRC) to join our dynamic team. The ideal candidate will play a crucial role in ensuring the organization’s security controls align with best practices. This role requires a comprehensive understanding of security governance, risk management, and compliance frameworks as well as a general understanding of other security areas. The Senior Security Analyst – GRC is a key role in Client’s rapidly growing security team, focused on security transformation across our business units.
Basic Qualifications
- Action Oriented & Drive for Results: Enjoys working hard; is action oriented and full of energy for the things seen as challenging; not fearful of action with minimum of planning; seizes opportunity to drive business objectives forward. Can be counted on to meet or exceed goals successfully; is consistent in performance and strives to be a top performer; very bottom line oriented; steadfastly pushes self and other for results. Uses rigorous logic and methods to solve difficult problems with effective solutions; probes all fruitful sources for answers; can see hidden problems; is excellent at honest analysis; looks beyond the obvious and doesn’t stop at the first answers.
- Critical Thinking & Continuous Development: Can effectively cope with change; can shift gears comfortably; ability to synthesize objectives across the organization and take appropriate action without having the total picture; isn’t upset when things are up in the air; can comfortably handle risk and uncertainty. Learns quickly when facing new problems; a relentless and versatile learner; open to change; analyzes both successes and failures for clues to improvement; experiments and will try anything to find solutions; enjoys the challenge of unfamiliar tasks; quickly grasps the essence and the underlying structure of anything. Deals with concepts and complexity comfortably; capable, and agile. Applies new learnings to enhance productivity and quality of the work without prompting. Seeks and applies efficiencies in day-to-day work, constantly improving and streamlining processes to achieve company objectives.
- Communication & Relationship Building: Has the ability to perceive reactions via non-verbal signals of others, reason with others to promote thinking and cognitive activity, understand drivers of decisions by interpreting the cause of other’s reactions and what it may mean, and manage relationships by working collaboratively to reach the best outcome for the company. Is dedicated to meeting the expectations and requirements of internal and external customers; gets first-hand customer information and uses it for improvements in products and services; acts with customers in mind; establishes and maintains effective relationships with customers and gains their trust and respect. Actively and consistently seeks to work cooperatively with others, inside and outside the organization, to accomplish objectives to build and maintain mutually beneficial partnerships, leverage information, and achieve results. Serves as a collaboration catalyst that motivates others to want to collaborate as well.
Responsibilities
- 5+ years of experience in information security, risk management, and/or compliance roles.
- Demonstrated experience performing technical and procedural risk assessments, creating risk registers, measuring security control health, and/or reporting risks to internal stakeholders.
- Hands-on experience with security tooling (such as external vulnerability scanners, cloud security tools, etc.) is preferred.
- Professional certifications such as CISSP or CRISC are preferred.
- In-depth knowledge of security frameworks, standards, and regulations such as NIST and CIS.
- Strong analytical and problem-solving skills.