Cybersecurity Governance, Risk, Compliance (GRC) Analyst

The Cybersecurity Governance, Risk, Compliance (GRC) Analyst facilitates and completes various activities and projects to help maintain the confidentiality, integrity and availability of the Company’s technical solutions and data.

Position Location: On-site at Covington, LA headquarters

The duties of the Cybersecurity GRC Analyst shall include, but are not necessarily limited to the following:

Audits and Assessments:

• Prepares for and participates in various internal and external audits, tests and assessments
• Conducts security audits and assessments to ensure compliance with industry standards and regulations
• Monitors and updates plan of action and milestones (POA&M) and system security plan (SSP) to help ensure compliance with applicable regulations and maintain organizational certifications
• Verifies and documents system configuration and process changes

Research:

• Manages and documents vulnerability research and impact analysis
• Researches and documents current cybersecurity laws and regulations
• Assists with maintaining risk and impact assessment register
• Researches new and emerging technical services and solutions
• Participates in identifying end-user cybersecurity training opportunities

Documentation:

• Assists with maintaining policies and procedures
• Creates and maintains guides and playbooks
• Assists with incident documentation
• Creates executive summaries containing recommendations for security solutions
• Summarizes audit and assessment findings

Asset and Solutions Management:

• Assists with inventory maintenance on all IT hardware, software, services and solutions
• Participates in solutions testing and documentation
• Assists with SIEM and vulnerability scan processes
• Works with various IT solutions providers to establish and maintain relationships

Other:

• Contributes second level technical support on the IT Help Desk.
• Monitors security tools for abnormalities and configuration changes
• Participates in cybersecurity response events
• All other duties as assigned by management.

REQUIRED QUALIFICATIONS:

• Education: High school diploma or equivalent required, bachelor’s degree and/or cybersecurity certifications a plus. Continuing professional education related to job responsibilities required.
• Experience: A minimum of 2 years of working experience in cybersecurity discipline with working knowledge of common cybersecurity frameworks such as NIST and ISO.

Skills:

• Ability to effectively communicate and collaborate with all levels of personnel in the organization.
• Ability to maintain confidentiality of all information that may be seen through the normal course of the job.
• Ability to efficiently research and audit IT solutions.
• Ability to concisely produce various forms of documentation.

Travel/Boarding Vessels:

• Must be willing to travel a minimum of 25% of scheduled work time.
• Must be willing to board and ride vessels to increase understanding of how this role supports our marine based business.
• Must be able to obtain and maintain various security clearances

COMPETENCIES:

Problem Solving

• Anticipates the impact of decisions and actions on others
• Identifies recurring problems and offers solutions based on facts and data
• Seeks out expert opinion when making decisions and solving problems
• Is thorough and attentive to detail
• Keeps his/her manager involved on important issues and/or problems

Work the Plan

• Achieves closure and follows through on tasks and projects
• Effectively multi-tasks and efficiently manages time
• Delivers a timely, complete, and accurate work product
• Clearly communicates what he/she needs from others to get the job done
• Follows established policies and procedures

Inspire Trust

• Demonstrates a strong service orientation to both internal and external customers
• Takes personal responsibility for decisions and mistakes; does not shift blame
• Is approachable and easy to deal with; handles pressure in in a calm manner
• Deals with people in a candid, straightforward, and respectful manner
• Acts with the highest level of integrity and professionalism and demonstrates a strong work ethic

Personal Learning

• Seeks professional development, training, and relevant certifications
• Remains open and non-defensive to feedback
• Demonstrates a willingness to learn new things and take on more responsibility
• Asks for feedback from his/her managers on how to improve

Collaborate

• Keeps open lines of communication with others
• Works collaboratively with people within and across departments to accomplish objectives
• Is understanding of others’ time demands and workload
• Builds personal relationships with people across the company
• Is quick to offer help to others in getting the job done

Flexibility

• Remains open-minded to others’ ideas, input, and new ways of doing things
• Makes suggestions on how to improve processes and create efficiencies
• Demonstrates flexibility to changing priorities and work demands
• Fully supports company decisions and initiatives

DEMANDS AND WORK ENVIRONMENT

Eyesight: Functional, correctable to 20/20.

Hearing: Functional, correctable to normal to perceive sounds at normal speaking levels with or without correction; Ability to receive detailed information through oral communication and to make the discriminations in sound.

Speech: Ability to express or exchange ideas by means of the spoken word.

Mobility: Unencumbered by physical limitations to perform the following activities: Sedentary work in an office environment that includes frequent sitting, standing, and walking, gross and fine motor dexterity for typing and reasonable lifting of equipment up to 25 lbs.

HOURS OF WORK

Standard office hours are Monday through Friday, 8:00am until 5:00pm and may be adjusted with approval by the department supervisor. Some work-related travel, after standard office hours and weekend work may be required, subject to company operational requirements. Regular and reliable on-site attendance is required. This position participates on the Information Technology on-call rotation as assigned and required

Job Type: Full-time

Benefits:

• 401(k)
• Dental insurance
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Vision insurance

Schedule:

• 8 hour shift

Education:

• High school or equivalent (Preferred)

Experience:

• Cybersecurity: 2 years (Preferred)

Willingness to travel:

• 25% (Required)

Work Location: In person