What are the responsibilities and job description for the GRC (Governance, Risk, Compliance) Analyst position at Cosmic-I LLC DBA Northern Base?
Job Details
Job Description
GRC (Governance, Risk, Compliance) Analyst
Experience in developing and maintaining IT Policies, procedures, and documentation to ensure alignment with GRC objectives and organization goals.
Experience working with COBIT Framework, Compliance, Risk Management, Security or Audit frameworks (i.e., FFIEC, NIST 800-53)
Experience performing gap analysis to identify areas of improvement in IT GRC processes.
Ability to produce high quality policy documentation.
Strong oral and written communication skills and ability to work well with others in a collaborative, complex and challenging environment, present findings, and provide recommendations.
Must demonstrate good judgment and attention details while prioritizing and delivering wide range of challenges and tasks.
Ability to work effectively in a team and coordinate efforts across different teams to achieve IT GRC goals.
Proficiency in standard office software suites.
Experience working with GRC tools used for risk assessment, compliance monitoring, and reporting.
Strong analytical and critical thinking skills is required to process complex data.
Aptitude for identifying and solving IT GRC-related problems and implementing solutions to improve overall security and compliance posture.
Roles & Responsibilities
Ensure compliance with laws and regulatory requirements by updating the relevant Policies and subsequent documents, helps save customer from avoiding fines, legal issues, and operational inefficiencies.
Improve the maturity level of Data & Technology Policies, Standards, Narratives and Controls to meet organization goals and objectives
Primary contact for keeping up with Policy Governance change requests
Ensure appropriate documentation in the form of Policy, standards, Process Narratives and controls, and procedures are created and updated as needed.
Collaborate with relevant stakeholders to assess potential gaps and update policies to mitigate and to align with industry standards and regulatory (e.g: COBIT, FFIEC., etc) requirements.
Continuously monitor and assess the effectiveness and compliance of policies, procedures, and controls.
Ensure policies are communicated effectively and are easily accessible to all employees.
Conduct annual reviews (or as needed) of existing policies and standards to ensure they are up-to-date, relevant, and aligned with changing business environment and regulations.
Stay abreast of industry-specific regulations, legal requirements, and standards. Interpret and communicate the implications of these regulations to relevant stakeholders and ensure adherence to them across the organization.
Collaborate closely with cross-functional teams, offering guidance and support to ensure these certifications are efficiently maintained, compliant with relevant standards, and aligned with the organization's security goals.
Maintain knowledge of related security, regulatory, compliance and industry standards.
Maintain accurate and comprehensive documentation of policies, revisions, and associated procedures.
Perform other job-related duties as assigned.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
