What are the responsibilities and job description for the Senior IT GRC Policy Analyst position at Kforce Inc?
Responsibilities
Kforce has a client in need of a Senior IT GRC Policy Analyst in Boston, MA. Responsibilities:
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Kforce has a client in need of a Senior IT GRC Policy Analyst in Boston, MA. Responsibilities:
- Senior IT GRC Policy Analyst will oversee and manage all policies including revisions
- Develop and manage the policy exception process including metrics and reporting
- Coordinate with key stakeholders on policies and standards
- Research and evaluate policies to ensure they are current and follow all applicable laws, regulations, and guidelines
- Identify and implement GRC security controls based on the NIST framework
- As a Senior IT GRC Policy Analyst, you will manage the cybersecurity awareness program including annual training, phishing training, and special group training
- Collaborate within the GRC team on larger GRC projects around risk analysis and compliance requirements
- 3-to-5 years of experience working with NIST Cybersecurity Framework, and familiarity with NIST 800-53 Rev. 5
- 3-to-5 years of experience managing a policy program including updating current policies, tracking exceptions, and developing and reporting out metrics
- 3 -to-5 years of experience working with security content platforms and developing curricula for cybersecurity training
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
