[Remote] GRC Analyst
Note: This is a remote job open to candidates in the USA. Direct Travel is a leading provider of corporate travel management services, offering customized travel programs for over 40 years. They are seeking a detail-oriented Governance, Risk and Compliance (GRC) Analyst to manage Security & Compliance risk, conduct audits, and improve the security posture of the company.
Responsibilities
• Conducts audits of internal information security, compliance and privacy processes
• Ensures timely resolution to all audit and risk assessment findings or issues
• Manages OneTrust GRC reporting portal
• Appropriately communicates audit reports, gaps or recommendations to company management, and tracks any open concerns or questions to resolution
• Identifies potential technologies, processes or solutions that could improve the security posture of the company
• Contributes to the development of security standards, access controls, and compliance requirements of applications, network infrastructure, servers and workstations
• Serves as subject matter expert regarding information security and compliance policy
• Maintains awareness of current and emerging threat landscapes
• Assists in reporting security & compliance metrics to management
• Supports additional audit and governance functions as assigned
• Earns the trust and respect of the Direct Travel team
• Grows into a role with increasing responsibility
Skills
• Direct experience with achieving successful annual PCI Compliance, SSAE18 SOC 2 attestations and/or ISO 27001 certifications
• 1-3 years of experience leading information security audits with a preference for ISO 27001 and SOC 2 audits or assessments
• 1-3 years of experience as an IT, security or compliance analyst, with experience developing security strategy and policy
• Experience authoring policies and procedures
• Solid knowledge of ISO 27001, NIST 800-53, NIST 800-171, NIST CSF
• Experience with full Governance, Risk Management and Compliance Lifecycle
• Personal integrity
• Self-motivated, self-disciplined, and self-governed. You hold yourself to a higher standard than others
• Highly consultative and collaborative nature
• Excellent communication and presentation skills, with the ability to convey complex technology concepts to non-technology stakeholders
• The discipline to work effectively from a remote location
• Degree in computer science, information systems, information security, or a related discipline. Equivalent work experience will also be considered
• Experience with Payment Card Industry (PCI) Compliance
• Excellent analytical and stakeholder engagement skills
• Strong organization and planning skills
• Successfully pass background check
• Must be able to lawfully work within the US and have unrestricted work authorization for the US
• Ability to travel up to 15% if required
Benefits
• Medical, Dental, and Vision benefits
• Employee rewards and recognitions program
• Total Rewards Package which includes Wellness, Sustainability, DE&I initiatives, and Mental Health Support
Company Overview
• Direct Travel is a leading provider of corporate travel management services. It was founded in 1984, and is headquartered in Atlanta, Georgia, USA, with a workforce of 1001-5000 employees. Its website is https://www.dt.com/gitravel/.