GRC Cybersecurity Analyst
Concord , Massachusetts
Open to Remote
Full Time
$135k - $150k
As a GRC Cybersecurity Analyst at a global travel company we are working with you will play a crucial role in ensuring the security, compliance, and risk management of our digital assets and systems. You will collaborate with cross-functional teams to assess, implement, and monitor cybersecurity policies and practices that align with industry standards and regulations.
Responsibilities:
Responsibilities:
- Assist in the development and maintenance of the company's cybersecurity policies, standards, and procedures in accordance with industry best practices and regulatory requirements.
- Conduct regular risk assessments to identify potential vulnerabilities and threats and provide recommendations for mitigation strategies.
- Collaborate with IT and security teams to implement and enforce security controls and measures across the organization's digital infrastructure.
- Monitor security systems and tools for suspicious activities, analyze security logs, and promptly respond to security incidents.
- Participate in security audits and assessments, liaising with internal and external auditors to ensure compliance with relevant frameworks and regulations.
- Assist in preparing and delivering cybersecurity training and awareness programs to employees, promoting a culture of security consciousness.
- Generate reports and metrics related to cybersecurity performance, risk posture, and compliance status for management and stakeholders.
- Participate in incident response activities, including post-incident analysis and recommendations for improvements.
- Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree or relevant certifications (e.g., CISSP, CISM, CRISC) would be a plus.
- Strong understanding of cybersecurity principles, technologies, and best practices.
- Familiarity with industry standards such as NIST Cybersecurity Framework, ISO 27001, and GDPR.
- Excellent analytical and problem-solving skills, with the ability to assess and address complex security and compliance issues.
- Effective communication skills to collaborate with technical and non-technical stakeholders and articulate security concepts clearly.
- Experience with GRC tools and platforms for managing governance, risk, and compliance activities.
- Ability to work independently and as part of a team in a fast-paced and dynamic environment.
Posted by: Amanda Oliver