Security Analyst - GRC - StockX Detroit, Michigan, United States

Listing Description

Security Analyst - GRC Job Description


About the role


This hands-on Security Analyst - GRC position will be part of StockX's Information Security Technical Risk Management team, providing oversight and coordination and delivering the activities that support successful risk management for StockX, including risk management of third parties. Members of this team work with several stakeholders to ensure that appropriate processes, procedures, and controls are adequately designed and implemented to meet StockX security requirements and mitigate any associated risks.


What you’ll do



  • Lead risk/security assessments of suppliers and third-party relationships to identify, validate and remediate cybersecurity risks. 

  • Perform interviews, document design assessments and walkthroughs of cybersecurity controls.

  • Support ongoing monitoring of suppliers and third parties to review adherence to compliance and regulatory requirements.

  • Assist in managing the technical risk register.

  • Assist with performing quantitative and qualitative analysis of IT processes to produce Key Risk Indicators.

  • Develop trusted relationships with stakeholders and other team members to gain consensus approvals on strategies, recommendations, findings, project plans, etc.

  • Remain current with emerging risks as well as solution trends in the marketplace.

  • Possess an understanding of emerging technologies including but not limited to mobile and cloud technology.

  • Contribute towards process improvement of team processes, templates, and tools.


About you



  • Experience with legal and regulatory compliance standards such as SOC, SOX, GDPR, etc.

  • Knowledge of risk management, risk and control concepts, principles of ERM and GRC, and information security and/or data privacy (e.g., ISO 27001, NIST).

  • Familiarity with NIST Cybersecurity Framework.

  • Strong understanding of fundamental information security concepts and technology.

  • Experience with IT GRC/IRM platforms is a plus.

  • Experience with IT governance, risk, and compliance management in a large global environment.

  • Excellent written and oral communication skills.

  • Strong work ethic with attention to detail.

  • Ability to excel in a fast-paced and rapidly changing environment.

  • 5-7 years of experience with a bachelor's degree in Information Security or equivalent.

  • CISSP, CISM, or similar preferred.





Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided
  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided


