IT GRC Analyst

Job Title: IT GRC (Governance, Risk, Compliance) Analyst

Location: Plano, TX

Type: Full Time Position

Job Description:

Required Experience: 7 years

• Experience in developing and maintaining IT Policies, procedures, and documentation to ensure alignment with GRC objectives and organization goals.
• Experience working with COBIT Framework, Compliance, Risk Management, Security or Audit frameworks (i.e., FFIEC, NIST 800-53)
• Experience performing gap analysis to identify areas of improvement in IT GRC processes.
• Ability to produce high quality policy documentation.
• Strong oral and written communication skills and ability to work well with others in a collaborative, complex and challenging environment, present findings, and provide recommendations.
• Must demonstrate good judgment and attention details while prioritizing and delivering wide range of challenges and tasks.
• Ability to work effectively in a team and coordinate efforts across different teams to achieve IT GRC goals.
• Proficiency in standard office software suites.
• Experience working with GRC tools used for risk assessment, compliance monitoring, and reporting.
• Strong analytical and critical thinking skills is required to process complex data.
• Aptitude for identifying and solving IT GRC-related problems and implementing solutions to improve overall security and compliance posture.

Roles & Responsibilities

• Ensure compliance with laws and regulatory requirements by updating the relevant Policies and subsequent documents, helps save customer from avoiding fines, legal issues, and operational inefficiencies.
• Improve the maturity level of Data & Technology Policies, Standards, Narratives and Controls to meet organization goals and objectives
• Primary contact for keeping up with Policy Governance change requests
• Ensure appropriate documentation in the form of Policy, standards, Process Narratives and controls, and procedures are created and updated as needed.
• Collaborate with relevant stakeholders to assess potential gaps and update policies to mitigate and to align with industry standards and regulatory (e.g: COBIT, FFIEC., etc) requirements.
• Continuously monitor and assess the effectiveness and compliance of policies, procedures, and controls.
• Ensure policies are communicated effectively and are easily accessible to all employees.
• Conduct annual reviews (or as needed) of existing policies and standards to ensure they are up-to-date, relevant, and aligned with changing business environment and regulations.
• Stay abreast of industry-specific regulations, legal requirements, and standards. Interpret and communicate the implications of these regulations to relevant stakeholders and ensure adherence to them across the organization.
• Collaborate closely with cross-functional teams, offering guidance and support to ensure these certifications are efficiently maintained, compliant with relevant standards, and aligned with the organization's security goals.
• Maintain knowledge of related security, regulatory, compliance and industry standards.
• Maintain accurate and comprehensive documentation of policies, revisions, and associated procedures.
• Perform other job-related duties as assigned.