Global Cybersecurity Compliance Analyst :: Northbrook, Illinois (Hyrbid, Need Local with DL Copy)

Hi

Hope you are doing well.

Job Title - Global Cybersecurity Compliance Analyst

Location - Northbrook, Illinois (Hyrbid, Need Local with DL Copy)

Duration - long term contract to hire

Job Description

What you'll learn & achieve:

The Global Cybersecurity Compliance Analyst will be responsible for identifying, analyzing, reporting, and ensuring security processes and controls are designed, managed, and assessed for effectiveness to reduce overall compliance risks across the organization.

This role will be part of Global Cybersecurity Risk and Compliance Management team, reporting to the Global Cybersecurity Risk and Compliance Manager.

JOB RESPONSIBILITIES

The Global Cybersecurity Compliance Analyst candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include:

• Identify, document, and conduct compliance assessments and validate the effectiveness of cybersecurity controls across the organization
• Communicates assessment issues to team owners and custodians of information risk "business partners," or information governance teams and information security teams.
• Proactively manage and maintain UL customers' requests (questionnaire) process by collaborating with relevant key stakeholders across the organization to complete/respond to cybersecurity related questions
• Partner with IT teams and other key stakeholders (e.g., Legal), advising both on applicable control requirements and potential solutions to address compliance issues
• Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence
• Stay abreast of and proactively informed on developing relevant legislative, statutory, contractual, regulatory concerns and evolving compliance control solutions
• Assists with the evaluation of the effectiveness of the information security program by developing, monitoring, gathering, and analyzing information security and compliance metrics for management.
• Assist with developing and maintain compliance and risk monitoring mechanisms such as Key Risk Indicators (KRI), reports on status of risk assessment, control effectiveness issues remediation and internal audit findings
• Understands and applies relevant regulatory and legal compliance requirements
• Perform other duties as assigned

Requirements

A successful Global Cybersecurity Compliance Analyst candidate will have the expertise and skills described below.

Education, Training and Previous Experience

Candidates will be evaluated primarily on their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:

• BS or MA in Business, Computer Science, Information Security, or a related field
• [2 ] years of work experience in information security, especially in an information cybersecurity risk role
• [2 ] years of experience in managing risk and compliance issues, or similar experience managing applications, projects or systems that require identification, evaluation, and remediation if risk
• Technical background or demonstrable understanding of a range of operational and IT risks and operations
• Strong business background; experience gathering and interpreting risks and associated impacts in the context of financial and operational concerns
• Strong understanding of compliance and risk-related issues through demonstrated experience managing, information security or regulatory compliance programs, and audits
• [4 ] years of experience with regulatory compliance and information security management frameworks (e.g., International Organization for Standardization [IS0] 27000, COBIT, National Institute of Standards and Technology [NIST] 800)

Desired, but not required:

Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA)

Knowledge and Skills

• Detailed understanding of cybersecurity controls and the ability to characterize the spirit of the control to our business partners/control owners.
• An ability to apply original and innovative thinking to produce new ideas. Sound understanding of different factors that make up risk (e.g., assets, vulnerabilities, controls, threats, etc.) and their relationships to one another to inform risk decisions
• Communicate control deficiencies outside the cybersecurity program in a way that consistently drives understanding, objectives, fact-based decisions that optimize the trade-off between risk mitigation and business performance.
• An understanding of organizational mission, values, goals, and consistent application of this knowledge.
• An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization.
• An ability to apply original and innovative thinking to produce new ideas. Sound understanding of different factors that make up risk and their relationships to one another to inform risk decisions
• An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.
• An ability to effectively influence others to modify their opinions, plans or behaviors.
• Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• Strong problem-solving and troubleshooting skills.

Personal Characteristics (Optional)

• Can interface with, and gain the respect of, stakeholders at all levels and roles in the company.
• Is a confident, energetic self-starter, with strong interpersonal skills.
• Has good judgment and a sense of urgency, and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity.
• Instinctive and creative.
• Self-motivated and possessing a high sense of urgency and personal integrity.
• Highest ethical standards and values.

What you'll experience working at UL:

• Mission: For UL, corporate and social responsibility isn't new. Making the world a safer, more secure, and sustainable place has been our business model for the last 127 years and is deeply engrained in everything we do.
• People: Ask any UL employee what they love most about working here, and you'll almost always hear, "the people." Going beyond what is possible is the standard at UL. We're able to deliver the best because we employ the best.
• Interesting work: Every day is different for us here as we eagerly anticipate the next innovation that our customers create. We're inspired to take on the challenge that will transform how people live, work and play. And as a global company, in many roles, you will get international experience working with colleagues around the world.
• Grow & Achieve: We learn, work, and grow together with targeted development, reward, and recognition programs as well as our very own UL University that offers extensive training programs for employees at all stages, including a technical training track for applicable roles.
• Total Rewards: All employees at UL are eligible for bonus compensation and benefits commensurate with the standard rewards offered in each individual location or country, for the relevant position level. We also provide employees with paid time off including vacation, holiday, and sick time off.

Thanks & Regards

Akshit Sisonia - Sr. Technical Recruiter

Email -

LinkedIn -

STELLENT IT A Nationally Recognized Minority Certified Enterprise

"Happiness can be found, even in the darkest of times, if one only remembers to turn on the light."
- JK Rowling

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.