Enterprise IT Security Analyst

Job Title: Information Security Analyst - GRC

Job Description:
As an Information Security Analyst - GRC, you will be responsible for developing, implementing, and managing our GRC programs. You will ensure compliance with industry standards such as SOC 2 and ISO 27001, and frameworks like NIST 800-30. Your role will involve working closely with various teams to identify risks, implement controls, and ensure the security of our cloud environments.

Key Responsibilities:

• Develop, implement, and manage GRC programs to ensure compliance with SOC 2, ISO 27001, and NIST 800-30.
• Conduct risk assessments and develop risk management strategies.
• Implement and monitor security controls to protect information assets.
• Conduct vendor risk assessments to evaluate and mitigate risks associated with third-party vendors.
• Respond to RFIs (Request for Information) and client inquiries regarding security and compliance.
• Develop and maintain security policies, procedures, and standards.
• Collaborate with cross-functional teams to ensure security controls are integrated into all aspects of the organization.
• Conduct regular audits and assessments to identify and remediate security vulnerabilities.
• Provide guidance and support for security incident response and remediation efforts.

Must have Qualifications:

• Bachelor s degree in Computer Science, Information Technology, or a related field.
• Minimum of 5 years of experience in information security, with a focus on GRC.
• Deep knowledge of SOC 2 compliance.
• Experience in Vendor Risk Management.
• Experience in responding to RFIs and client questionnaires.
• Strong understanding of Governance, Risk Management, and Compliance (GRC) frameworks and best practices.
• Relevant certifications such as CISSP , CISA , Security+ or equivalent.

Good to Have Qualifications:

• Experience with compliance tools such as Vanta and Drata.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration skills.
• Experience with cloud security and implementing security controls in AWS or Azure environments.
• Proficiency in vulnerability management and security awareness training.
• Experience planning and executing phishing campaigns.

Notified is committed to creating a more connected world by providing you with the tools you need to amplify your story. Together, our platform and our people elevate public relations, investor relations, and marketing for over 10,000 global customers.

We believe everyone has a story to tell and we re passionate about helping people and brands amplify their stories across the globe. We are proud to be the number one provider of enterprise webcasting and investor relations content distribution, as well as a global leader in press release distribution. Our clients have used Notified to monitor over 2 billion social media conversations and every year we run more than 100,000 events!

Our products are built so storytellers can do their best work. But we re not just a platform personalized, caring service is how we operate. We add a personal touch to everything we do. We strive to deliver wisdom and insight by helping our clients reach global and targeted audiences, measure outcomes, and fulfill their commitments.

CULTURE AND BENEFITS

At Notified, we aim to help our employees, and their families maintain a healthy work/life balance and build a financially secure future. Self-development and learning are key with all our global employees having access to our internal learning and development university DevelopU for career and skills enhancement.

EXAMPLE OFFERINGS:

• International work environment - we have offices in 17 countries
• Opportunities for innovation and creativity
• Hybrid work schedule (office/home)
• Comprehensive health insurance with localized options
• Extensive learning opportunities via our in-house virtual university with >8,000 online courses, videos, business books and certification preps
• Location-specific social outings and company events with amazing colleagues, such as laser tag, board game night, and company-wide trivia night

At Notified we dont just accept difference - we celebrate it, support it, and build success upon it. We are proud to be an equal opportunities employer and no part of this advertisement is intended to discriminate on any grounds.