What are the responsibilities and job description for the GRC Specialist - IT Helpdesk Technician position at Cyber Guard Pro?
Title: GRC Specialist – Helpdesk Technician – IT
Success Factors: Exceed the expectations of our residential and business clients through superior service, simple processes, and effective communications.
We deliver on this mission by empowering our employees, by encouraging and recognizing superior performance and innovative solutions, and by promoting teamwork, learning and cooperation.
Primary Function
We are a Managed Security Services Provider (MSSP). This position is an SME contributor within the Information Security Operations Center (SOC) group. This individual must have broad knowledge of cybersecurity-related disciplines and auditing methodology. This role is a mix of Security Analyst, Helpdesk SME, GRC specialist and Auditor. The individual is responsible for security-related tasks, including the day-to-day administration of the different information security monitoring and provisioning systems, controls and reviews, creation of new processes, and facilitating ongoing assessments/audits.
Direct Reports: ☐ Yes ☒ No
Principal Duties
List of required duties below.
- Resource the Global Security Operations Center (SOC) located in Cape Coral, Florida. It is anticipated the person will work from this work location primarily.
- Support IT compliance program: Assist in developing, implementing, and executing our Customer’s IT compliance program.
- Identify SOX/SOC/Regulatory issues: Determine the proper root cause and provide guidance on potential remediation actions.
- Identify and address audit concerns: Recognize existing or potential issues and conduct further research, as necessary. Examples include: Segregation of Duties (SoD) concerns, improvements to processes, and evidence of approval.
- Collaborate with cross-functional teams: Interface with various departments, consultants, and vendors to participate in SOX/SOC audits and recommendations meetings.
- Liaison with auditors: Facilitate communication with external and internal auditors, acting as a liaison between auditors and the IT department.
- Align policies and procedures: Provide input to align IT and Security policies, standards, and procedures with compliance requirements.
- Support compliance with laws and regulations: Assist process owners, control owners, control performers, and compliance coordinators in ensuring controls are well-defined and compliant with applicable laws and regulations.
- Continuous monitoring: Experience in building control testing and evidence collection to efficiently collect and analyze the effectiveness of controls.
- Evaluate security and controls: Assess the security and controls of various on-premises and cloud-based technologies.
- Create documentation as needed and ensure it reflects a high level of quality.
- Additional duties as required by management.
Education and Experience
- Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent industry experience
- Holds or is working toward one or more of the following: CISSP, CISA, CRISC, CGEIT, or GRCP
- At least 3 years' experience in cybersecurity or audit and exposure to various security frameworks.
- Experience and understanding of various regulatory requirements and laws, including but not limited to: SOX, FFIEC and GLBA. Additional experience in one or more of the following: ISO 2700X, ITIL, or NIST.
Knowledge, Skills, And Abilities
- Knowledge of IT controls and governance frameworks: Demonstrate a fundamental understanding of general computer control areas, IT governance frameworks, and Sarbanes-Oxley.
- Experience with internal controls design and implementation: Possess fundamental experience in designing and implementing a system of internal controls, preferably within a large-scale management-led SOX organization.
This position requires a customer-oriented, dynamic personality that is willing to learn at a rapid rate. Empathy, understanding, a sense of humor and strong technical acumen will serve this role well. While this description is intended to be an accurate reflection of the position’s requirements, it in no way implies/states that these are the only job responsibilities. Management reserves the right to modify, add or remove duties and request other duties, as necessary.
Please respond to: rlfulton@cyberguardpro.com or visit our Careers page at https://cyberguardpro.com/careers