Description Summary/Objective: This position supports the Governance, Risk, and Compliance (GRC) function by assisting in the development, implementation, and maintenance of security policies, procedures, and controls. Activities require interaction with ACA staff and third-party support teams to diagnose and resolve access problems. The position utilizes one-on-one consultancy to end users and ACA IT staff. The position's responsibilities require excellent communication and problem-solving skills, with additional focus on governance, risk management, and compliance (GRC) initiatives.
Essential Functions: Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Serve as the end-user (customer) facing component of the Information Security department.
- Assist in the creation and maintenance of information security policies, standards, and guidelines.
- Conduct risk assessments to identify potential security threats and vulnerabilities, and recommend mitigation strategies.
- Communicate clearly and effectively with management to assist and resolve associate access issues that may affect daily job responsibilities.
- Ask questions to determine the nature of an issue and walk end-users (customers) through problem-solving strategies.
- Assist in configuration and ongoing usability of skip site tools and user profiles within established standards and guidelines.
- Gain feedback and follow-up with customers to ensure issues have been resolved.
- Assist in maintaining a secure computing environment within established compliance standards and guidelines.
- Ensure adherence to governance, risk management, and compliance policies and procedures.
- Conduct regular audits and assessments to identify and mitigate risks.
- Develop and implement strategies to enhance compliance with regulatory requirements.
- Participate in GRC training and awareness programs.
- Must be able to multitask while working between new hire and existing user requests.
Qualifications: - Experience with customers in a technical support capacity.
- Ability to demonstrate computer usage and knowledge of Microsoft Windows.
- Associate's degree in information security or related certifications or 2 years related work experience preferred.
- Must be a team player with the strong ability to multi-task and work in a deadline-driven environment.
- Detail-oriented with strong analytical skills.
- Ability to quickly assess problems and find workable solutions.
- Excellent interpersonal, written, and verbal communication skills.
- Knowledge of governance, risk management, and compliance principles.
- Experience with GRC tools and frameworks is a plus.
Supervisory Responsibility: This position has no supervisory responsibilities.
Work Environment and Physical Demands: This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets, and fax machines.
Position Type/Expected Hours of Work: This is a full-time position with a work schedule of Monday-Friday. Some schedule variations may be required based on business needs.
Travel: Minimal travel is expected for this position.
EEO Statement: ACA provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state, and local laws. ACA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.