This job listing has expired and the position may no longer be open for hire.

Sr. Risk & Compliance Analyst at Neptune in Duluth, Georgia

Posted in General Business 30+ days ago.

Type: Full-Time





Job Description:

Position Summary


As Governance, Risk & Compliance Analyst, you will be responsible for ensuring the organization is effectively designing, developing, and implementing security compliance controls and solutions. You will engage with stakeholders across the enterprise on all aspects of security and governance, management of policies, implementation and monitoring of controls, and management of remediation activities. The position will work closely with Information Technology, Security and Cloud Operations, and Software and Hardware Development teams, along with the business to ensure there is a consistent and common approach to implementation of security and compliance management activities.


Responsibilities:


Policy and Governance



  • Develop and maintain information security policies, standards, procedures, and guidelines in accordance with the overarching Information Security Risk Framework

  • Collaborate with Neptune departments to ensure security policies and procedures are properly interpreted and implemented

  • Develop and report security risk and compliance metrics for the enterprise, departments, processes, and individual assets

  • Collect and manage monthly security and risk KPI data; analyze and facilitate discussion with the business areas


Data / Risk Management



  • Design and implement risk management processes, including, but not limited to, risk intake, risk reviews, and risk registers

  • Work within the organization to gain enterprise acceptance of annual security risk assessment processes

  • Engage cross-functional teams to deliver on the enterprise’s data privacy, management, and retention policies

  • Conduct organizational data audits to determine what data is maintained, retained, and classified, and to ensure the data strategy is practiced


Compliance



  • Support ongoing compliance activities and monitoring efforts across applicable Regulations and Standards (e.g. SOX, GDPR, SOC2, etc.)

  • Engage process and control owners to map compliance standards, evaluate deficiencies, investigate root causes, and track execution until remediation

  • Coordinate with internal and external audit teams to fulfill requirements and obligations


Security/Cloud Operations



  • Collaborate with cross-functional teams to implement compliance initiatives and security controls

  • Monitor and track activities related to control remediation or corrective action

  • Partner with business and IT teams to develop and deliver risk mitigation plans, implement additional control activities, or document risk acceptance


Requirements


Education/Experience:



  • Typically requires a bachelor's degree (or international equivalent) and 3+ years of relevant experience


Preferred Qualifications:



  • Bachelor's degree required, preferably experience in cybersecurity, computer science, information systems, or equivalent

  • 3+ years of IT Risk Management, or IT Compliance experience

  • 2+ years hands-on experience with IT data management and data classification

  • Exceptional planning, organization, communication, presentation, multitasking, prioritization, and business analysis skills

  • Extensive knowledge and understanding of IT regulatory control frameworks (ITIL, COBIT, etc.)

  • Possess strong working knowledge of information security standards and frameworks (NIST, ISO, SOC, etc.)

  • Experience working with outsourced organizations and third-party vendors preferred

  • Advanced written and verbal communication skills

  • Strong interpersonal skills

  • Strong analytical skills and the ability to understand and document complex business process data flow


Travel Requirements: Typically requires overnight travel less than 10% of the time


Location: Tallassee, AL, Duluth, GA



Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

Information Systems




