Risks And Compliance Analyst
CurrentTake part in the strategies for implementing policy standards to make sure rules and procedures adhere to cybersecurity policies; monitor audit results and suggestions to make sure the right mitigating measures are implemented.o Oversee the implementation of action plans, milestones, and remediation plans for tasks related to remediation that are found during risk assessments, audits, inspections, and other related procedures.o Make sure that the organization's vision and goals… Show more Take part in the strategies for implementing policy standards to make sure rules and procedures adhere to cybersecurity policies; monitor audit results and suggestions to make sure the right mitigating measures are implemented.o Oversee the implementation of action plans, milestones, and remediation plans for tasks related to remediation that are found during risk assessments, audits, inspections, and other related procedures.o Make sure that the organization's vision and goals reflect sound principles and raise management's awareness of security and control issues.o Oversee the creation of security compliance procedures and audits for outside services (like data centers run by cloud service providers).o Assist with the required compliance activities (such as making sure compliance monitoring and system security configuration guidelines are followed).o Assist in ensuring that all procurements, acquisitions, and outsourcing initiatives handle information.Requirements for control and security that are in line with corporate objectives.o Collaborate with teams responsible for process and technology delivery to guarantee that information security is appropriately taken into account and applied in the routine delivery of services, solutions, and procedures.o Support local security and technology teams by serving as a point of contact for stakeholders regarding information security and IT control delivery throughout the company.o Develop security guidelines using gap analysis as a guide.o Manage vendors by utilizing the artifacts from the third-party review (control checklist) to guide the sending and answering of questionnaires (Sig lite, Sig core, and client security questionnaires).o Perform yearly and quarterly audits, gathering and submitting evidence while collaborating with the external auditor to act as the organization's internal auditor.o Run a phishing awareness campaign every month and provide training Show less