Looking for the Sr. GRC Analyst for our client in Boston, MA/Hybrid.
Local Only from MA, NH or RI and must have recent client experience from these locations
In-Person Interview
Title: Sr. GRC Analyst
Location: 10 Park Plaza, Boston, MA 02116
Duration: 6 Months with a possible extension
Minimum Requirements:
The IT policy analyst works to provide IT policies aligned with NIST security controls for the MBTA. The IT Policy Analyst will work within the Enterprise Risk Management platform to manage policies, security control gaps, and dashboard/metric tracking. The GRC Policy Analyst will also work with MBTA-specific IT policies outside of the scope of NIST such as mobile device management, and data governance.
Responsibilities
- Oversee and manage NIST policy approvals and implementation at the MBTA
- Manage NIST policies within the ERM platform
- Coordinate with key stakeholders for non-NIST policies
- Research and evaluate policies to ensure they are up-to-date with current NIST guidance
- Stay aware of policy trends and new laws/guidelines from the Federal to state and local level
- Identify and implement GRC security controls based on the NIST framework.
- Manage and implement the cybersecurity awareness program including annual training, AUP acknowledgement tracking, and phishing training
Collaborate with the GRC IT Risk Analyst on various projects for the GRC Department.