Governance, Risk & Compliance Analyst I

Job Description

Description:

Job Summary: The Governance, Risk, & Compliance Analyst I will assist the team in the completion of audits, identification and reporting of all security issues, prioritizing threats, and confirming threats have been mitigated in accordance with company standards. This position will assist the Chief Information Security Officer and the GRC Team Lead in processing documentation, facilitation, remediation planning, risk management, and systems implementation coordination to meet the audit, control, and compliance requirements. Additionally, they will be training others on security best practices and ensuring all security and policy training is updates and completed by all staff. GSI is a highly dynamic environment and as such the successful employee will adequately manage competing priorities in a growing department. GRC analysts ensure that the organization is adequately aligning with the information security frameworks.

Viable candidates must be willing to work onsite at GSI's headquarters in Palm Harbor, Florida daily.

Key Responsibilities:

Audit Support: Collaborate with internal and external audit and operational teams, providing documentation and evidence to demonstrate compliance and adherence to governance standards

Risk Assessment: Conduct comprehensive risk assessments to identify potential threats and vulnerabilities within the organization’s operations and platform

Compliance Monitoring: Monitor and track regulatory changes, ensuring compliance with all relevant laws, standards, and industry regulations. Serve as the lead for one audit coordinating the gathering and submission of evidence/documentation to achieve or maintain certification status for GSI

Policy Development: Assist in developing, implementing, and revising corporate policies, plans, procedures, and standards to align with best practices and compliance requirements. Also assist in SSP creation and updates as changes happen to regulatory requirements

Requirements:

Work Experience / Knowledge:

Knowledge of Industry Standards, e.g., ISO 17799/27001, FISMA/FedRAMP/StateRAMP, NIST Publications, and other Industry Related Security Standards

Experience managing multiple competing priorities in a fast-paced SaaS environment

Experience managing third-party security services, application vendors, evaluate new vendors and services

Qualifications / Certifications:

Bachelor’s Degree or equivalent combination of education and experience

Industry certifications such as GRCP, CRCMP, or CCEP are strongly preferred

Strong understanding of fundamental information security concepts and technology

Ability to excel in a fast paced and rapidly changing environment

Strong work ethic with attention to detail

Excellent communication and interpersonal skills to work effectively with cross-functional teams and external stakeholders

Detail-oriented with a commitment to maintaining the highest standards of integrity and ethics

Strong organizational skills and the ability to prioritize and manage multiple tasks efficiently

Adaptability and the capability to stay current with evolving regulations and industry trends

Special Requirements:

May also be assigned various projects and tasks as needed

Hours: Day shift. Evening and weekend hours may be required

Equal Opportunity Employer. M/F/D/V

Full-time