Senior GRC Analyst bei IQVENTURES HOLDINGS LLC

Description

IQVentures is looking for a Senior GRC Analyst to join our team and oversee our Information Security Compliance program. As a Senior GRC Analyst , you will help mature our Information Security Compliance Program and supporting activities related to development and maintenance of policies, standards, procedures, and controls. You will collaborate with the broader security team and other departments within IQVentures to advance program maturity, assess security risks, and communicate/facilitate remediation of those risks. 

Responsibilities:

• Oversee all Governance, Risk and Compliance for the IT department.
• Aid in the further development and maturation of the IT Security Risk Management Program and overall tools.
• Develop and maintain a Risk Controls Matrix (RCM) that aligns with applicable regulatory and compliance requirement frameworks
• Determine, develop, maintain, and publish corporate-level information security policies, standards, procedures, and guidelines, including incident response and compliance reporting procedures for general IT controls and SOX.
• The identification, testing, maintenance, compliance reporting and management assertion of general IT controls.
• Leads the effort to implement new versions of PCI-DSS requirements, including the reviewing of the technology lifecycle and end of life impacts (platforms, software, database) on PCI applications and Cardholder Data Environment.
• Coordinates the work of the Qualified Security Assessor (QSA), as required
• Ensures the effective maintenance of the program to monitor service providers PCI-DSS compliance status.
• Manages PCI compliance risks and issues log
• Responds to alleged violations of PCI compliance policies, procedures, and standards by evaluating or recommending the initiation of investigative procedures
• Providing organizational guidance, leadership and promoting general awareness and training of security policies and program.
• Promoting adherence to NIST and other generally accepted IT security and control practices throughout the IT landscape.
• Supervise all investigations relating to security threats, legal discovery, and violation of security policies and provide on-going communication with senior management.
• Engage in penetration studies, threat analysis, vulnerability assessments, and security audit activities to ensure IT controls and security are effective.
• Maintain close working relationships with Internal/External Auditors on Interim, Annual, Intellectual Property, SOX & regulatory engagements.
• Assist peer managers in understanding security and control deficiencies and responding to internal and external audit reports.
• Verify relevant third-party attestations to validate the necessary safeguards are in place to protect our information assets under their care Ensure that any remedial actions required by external parties are addressed, Conduct security reviews of potential third-party providers / acquisition targets
• Perform periodic information privacy risk assessments and conduct related ongoing compliance monitoring activities in coordination with the entity’s other compliance and operational assessment functions.

Requirements

Qualifications & Requirements: 

• Bachelor's degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline is required. Four (4) years of experience in IA/Information Security will be an acceptable substitute for a bachelor’s degree
• Minimum 5+ years in Information Security, Governance, Risk and Compliance
• Minimum 5+ years of IT and Cyber Security experience
• Regulatory compliance, including information security management frameworks (e.g.,PCI-DSS, NIST CSF, ISO2700x, SANS Top 20 Critical Security Controls, SOX, COBIT)
• Experience actively governing risks and threats 
• Experience conducting Risk Assessments and facilitating executive level risk discussions
• Physical demands for this position frequently include: the ability to remain in a stationary position, move about freely inside and occasionally outside of the office, and the operation of mechanical controls, such as a keyboard.

Preferred Qualifications:

• Experience in developing and implementing information security practices in a retail financial, or a highly decentralized corporate environment
• Information Security certifications: CISSP, CISM and CIPP
• IT Security experience in a large multi-site retail/financial retail environment.
• IT Security experience in large multi-vendor Cloud (AWS, Azure, Oracle) environments.
• Bachelor’s degree in computer science or related field 

Why Join IQVentures:

• Excellent benefits
• Work on multiple innovative consumer and business brands.
• Diverse Culture and Inclusive Environment

Our Benefits Include*:

• Access to a robust learning management system, full of e-learning modules and training programs to help boost your professional and personal development
• Paid on-the-job training & professional development programs
• Benefits available on the date of hire
• Multiple coverage levels for Medical, Dental, & Vision
• 401(k) with Company match with immediate vesting
• Health Savings Account
• Company-provided Life & AD&D Insurance
• Pet insurance
• Voluntary benefits, including short-term and long-term disability insurance, accident, critical illness and legal insurance.

IQ Ventures is an Equal Opportunity Employer. It’s our policy is not to discriminate against any applicant or employee based on actual or perceived race, age, sex or gender (including pregnancy), marital status, national origin, ancestry, citizenship status, mental or physical disability, religion, creed, color, sexual orientation, gender identity or expression (including transgender status), veteran status, genetic information, or any other characteristic protected by applicable federal, state or local law. We will provide accommodations to applicants needing accommodations to complete the application process.

At this time, IQ Ventures cannot transfer nor sponsor a work visa for this position. Applicants must be authorized to work directly for any employer in the United States without visa sponsorship. NO Relocation Assistance Offered - Local Candidates Preferred

IQ Ventures is an established, profitable technology and financial services company serving clients nationwide. Join the IQ Ventures team in our bright, modern Dublin, OH offices. IQ Ventures is well-regarded for its high integrity and collaborative leadership culture that rewards both individual thinking and team decision-making. Our leadership team is comprised of seasoned professionals who bring their vast experience and high standards of excellence to their work.

We are not accepting candidates from third-party recruiters at this time.

*Based on current benefit offering, which is subject to change with or without notice. Certain benefits are subject to the terms and conditions of the governing plan documents which should be consulted for additional details and eligibility requirements.