Job Title: GRC Analyst
Location: Remote (EST or CST preferred)
Type: 3-6 Month Contract
Job Description: The Cyber Risk team is looking for a security analyst to assist with vendor risk assessments to meet ISO 27001 compliance requirements.
To be ISO 27001 compliant, we must complete annual vendor reviews of vendors in scope for ISO based on TPRM tiering and cyber risk vendor scoring. Additionally, some vendors in scope for ISO have never had a cyber risk review and will need to be reviewed for ISO certification.
ISO compliance also requires that associated risks and security control requirements identified during the vendor cyber risk assessment are tracked and treated.
To accomplish these ISO requirements, the individual will need to be able to do the following:
- Complete Vendor Cyber Risk Assessments ensuring our policies, processes, and procedures are followed.
- Work with the Vendor Relationship Individual to document internal and external information about vendor engagement such as the data involved and the criticality of the vendor to our organization.
- Identify, record, and track security controls identified to bring vendor risks within our risk appetite and confirm evidence received for risk treatment is sufficient for audits.
- Communicate effectively and professionally with fellow employees and vendor representatives.
Individuals to be considered will have the following: - Information Technology and Cyber Security education and experience
- Certification in the fields of IT and Cyber Security
- Experience managing and documenting security controls
- Experience assessing information and cybersecurity risks and managing treatment of cybersecurity risks.
- Experience assessing vendor cybersecurity risks
- Exemplary organization skills
- Ability to multitask and quickly pivot between tasks, sometimes managing 20 or more different tasks concurrently
- Advanced critical thinking skills
- Proficient in O365 applications, specifically adept with Excel & Sharepoint
- Ability to work on a team
- Excellent communication skills including collaboration and information sharing
THIS IS A GREAT OPPORTUNITY WITH A FIRST-CLASS COMPANYGRC Analyst RED SKY Career Opportunities at:redskyconsulting.co/career-portalGRC Analyst RED SKY Consulting Candidate and Client Referral Program.2500Do you know other IT professionals?Turn those relationships into Money & help friends get workRED SKY Consulting is offering a fantastic opportunity for you to earn extra money. If you refer to us a Manager of people or skilled professionals, we will link your name to that person for 18 months.If we employ or place that individual or place people into that company thru that managerGRC Analyst RED SKY Consulting Company Overview:We are an IT and Cybersecurity staffing solutions, professional services, management consulting, and executive placement company with thousands of resources across multiple IT and Cybersecurity skill sets. Our primary US locations are Chicago, New York, Los Angeles, Atlanta, Nashville, Tampa and Denver and we have organizational arms in other domestic cities along with offshore alliances in India and Ireland. RED SKY has a 15+ year history of providing great technology talent. RED SKY has many clients including; 7 of the Fortune 10, half of the Fortune 100, and 25% of the Fortune 500 companies within the manufacturing, financial services, health care, government, consumer services, insurance, and several other industry verticals represented.
The RED SKY Foundation is being formed and will be providing fully funded college educations to underprivileged young adults in partnership with our clients starting 2022.Keys: GRC, Analyst, ISO, Risk, Cybersecurity, Threat, GRC, Analyst, ISO, Risk, Cybersecurity, Threat, GRC, Analyst, ISO, Risk, Cybersecurity, Threat, GRC, Analyst, ISO, Risk, Cybersecurity, Threat, GRC, Analyst, ISO, Risk, Cybersecurity, Threat
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX