Information Security Governance, Risk and Compliance (GRC) Analyst

Company: The Computer Merchant, LTD.
Location: Boston
Posted on: May 29, 2023

Job Description:

JOB TITLE: Information Security Governance, Risk and Compliance (GRC) AnalystJOB LOCATION: Boston, HybridWAGE RANGE*: 50-58/hr.JOB NUMBER: 23-01118JOB DESCRIPTIONInformation Security Governance, Risk and Compliance (GRC) AnalystThe Massachusetts Department of Transportation (MassDOT) is actively hiring a Governance, Risk, and Compliance (GRC) Analyst! Join a great team of cyber security professionals and help us deliver our mission which is to protect the confidentiality, integrity, and availability of MassDOT's digital information and systems.GRC is a key pillar of the MassDOT Information Security program, responsible for the alignment of IT activities to business goals and the management of information security risks. In the next chapter of our GRC program, we will be expanding our implementation and tracking of security safeguards across the organization. We need your help!The InfoSec GRC Analyst role will report to the GRC Lead and will work closely with the Chief Information Security Officer (CISO) and InfoSec Lead.The ideal candidate is a self-starter with a passion for building relationships and collaboration. The candidate should have strong written and verbal communication skills.Sample Duties and Responsibilities:Ability to read, comprehend, and analyze published:laws and regulations, security policies and standards, and information sharing agreements.leading security frameworks such as the National Institute of Standards and Technology (NIST) SP 800-53 Security and Privacy Controls for Information Systems and Organizations.security requirements of the Payment Card Industry Data Security Standard and the maintenance of effective controls in our retail networks.Contribute to the continuous improvement of the InfoSec GRC function at MassDOT.Actively participate in risk assessments with the team and facilitate the implementation of security safeguards across IT.Develop tracking for ongoing risk mitigation work and the maintenance of security safeguards.About YouRequiredTwo plus (2+) years of training or practical experience in IT OperationsTwo plus (2+) years of training or practical experience in Information Security Risk ManagementStrong work ethic, great time management, and highly inclusive team playerEffective verbal and written communicatorAuthorization to work indefinitely in the U.S. Preferred:Bachelor's degree or equivalent in Cyber/Information SecurityIndustry certifications such as CISSPPrevious experience on a GRC team in a large organizationExcellent writing skillsEqual Opportunity Employer Veterans/Disabled* While an hourly range is posted for this position, an eventual hourly rate is determined by a comprehensive salary analysis which considers multiple factors including but not limited to: job-related knowledge, skills and qualifications, education and experience as compared to others in the organization doing substantially similar work, if applicable, and market and business considerations. Benefits offered include medical, dental and vision benefits; dependent care flexible spending account; 401(k) plan; voluntary life/short term disability/whole life/term life/accident and critical illness coverage; employee assistance program; sick leave in accordance with regulation. Benefits may be subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions.PDN-99192b52-dd4c-413b-a3ce-767e52f34ad5

Keywords: The Computer Merchant, LTD., Boston , Information Security Governance, Risk and Compliance (GRC) Analyst, Professions , Boston, Massachusetts