Cyber Security Analyst

Mightyworks       |    Location:MI       |    Country:United States Of America

<p><strong>Position Description:</strong></p> <p>&bull; Support the implementation and ongoing cadence of the GRC Component Assessment and Control Testing Processes to internal defense personnel and project teams.</p> <p>&bull; Create and publish supporting documentation for new/updated processes.</p> <p>&bull; Create and deliver audience specific training and communications for new/updated processes to IT and Business partners.&nbsp;</p> <p>&bull; Work effectively with cross-functional and cross regional stakeholders with varying levels of business/technical skills.&nbsp;</p> <p>&bull; Collect sufficient quantitative and qualitative data to accurately describe the current state, desired state, and root cause(s) of gaps, with guidance from others.&nbsp;</p> <p>&bull; Analyze the future needs of customers and the enterprise, and translate these actions to enhance and mature the GRC program.&nbsp;</p> <p>&bull; Address potential business/financial impacts, inter-related systems and risks associated with new processes and approaches.&nbsp;</p> <p>&bull; Identify risks and issues across the multiple projects that form complex programs and large projects and support their mitigation.&nbsp;</p> <p>&bull; Engage stakeholders to gain consensus on shared vision of project outcomes. . Anticipate up and down stream impacts and predicts/addresses obstacles.&nbsp;</p> <p>&bull; Identify and assist in the resolution of conflicting business goals and systemic issues to enable business value realization.&nbsp;</p> <p>&bull; Propose corrective actions to address management and governance problems within the program or project.</p> <p>&nbsp;</p> <p><strong>Skills / Experience Required:</strong></p> <p>&bull; 3-5 years experience in risk management&nbsp;</p> <p>&bull; 3-5 years experience working with control assessment and testing processes.&nbsp;</p> <p>&bull; 3-5 years experience working with ISO 27001/2 standards, Information Security policies, risks and controls.&nbsp;</p> <p>&bull; Excellent verbal and written communication.</p> <p>&nbsp;</p> <p><strong>Experience Preferred:</strong></p> <p>&bull; Process Improvement mindset.&nbsp;</p> <p>&bull; Knowledge of Application Development lifecycles.&nbsp;</p> <p>&bull; Self-Starter who can work in ambiguous situations and drive to a solution.&nbsp;</p> <p>&bull; Strong organizational skills; able to advance multiple work streams concurrently.&nbsp;</p> <p>&bull; Prior experience working on Governance, Risk and Compliance (GRC) tool would be a plus.</p> <p>&bull; Able to function as a delivery lead for key program elements associated with the position.&nbsp;</p> <p>&bull; Understanding of Compliance and Regulatory requirements e.g. (S-Ox, HIPAA, GLBA etc.).</p> <p>&nbsp;</p> <p><strong>Education Required:</strong></p> <p>&bull; B.S. Information Systems, Computer Science or equivalent work experience in the requested field</p> <p>&nbsp;</p>