GRC Cybersecurity Analyst

Concord , Massachusetts

Open to Remote

Full Time

$135k - $150k

As a GRC Cybersecurity Analyst at a global travel company we are working with you will play a crucial role in ensuring the security, compliance, and risk management of our digital assets and systems. You will collaborate with cross-functional teams to assess, implement, and monitor cybersecurity policies and practices that align with industry standards and regulations.
  • Assist in the development and maintenance of the company's cybersecurity policies, standards, and procedures in accordance with industry best practices and regulatory requirements.
  • Conduct regular risk assessments to identify potential vulnerabilities and threats and provide recommendations for mitigation strategies.
  • Collaborate with IT and security teams to implement and enforce security controls and measures across the organization's digital infrastructure.
  • Monitor security systems and tools for suspicious activities, analyze security logs, and promptly respond to security incidents.
  • Participate in security audits and assessments, liaising with internal and external auditors to ensure compliance with relevant frameworks and regulations.
  • Assist in preparing and delivering cybersecurity training and awareness programs to employees, promoting a culture of security consciousness.
  • Generate reports and metrics related to cybersecurity performance, risk posture, and compliance status for management and stakeholders.
  • Participate in incident response activities, including post-incident analysis and recommendations for improvements.
  • Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree or relevant certifications (e.g., CISSP, CISM, CRISC) would be a plus.
  • Strong understanding of cybersecurity principles, technologies, and best practices.
  • Familiarity with industry standards such as NIST Cybersecurity Framework, ISO 27001, and GDPR.
  • Excellent analytical and problem-solving skills, with the ability to assess and address complex security and compliance issues.
  • Effective communication skills to collaborate with technical and non-technical stakeholders and articulate security concepts clearly.
  • Experience with GRC tools and platforms for managing governance, risk, and compliance activities.
  • Ability to work independently and as part of a team in a fast-paced and dynamic environment.

Posted by: Amanda Oliver