Home 
How Blumble Works 
Search Algorithm 
Your Privacy 
About 
Facebook
Twitter
Blog
Most recent job postings at City of San Jose
via Trabajo.org
posted_at: 2 days agoschedule_type: Full-time
Job Title : Security Gov Risk, Compliance Analyst
Job type : 6-month contract with high potential to extend ( high probability to extend for the right talent ...
Experience Level : (4+) years’ experience working in governance, risk, and compliance and/or information security and risk management.
Location : 1740 Technology Dr STE 150, San Jose CA 95110 United States (100% Remote )
Schedule : Weekdays (40 hours /week )
Pay Range : $70.00/hour - $90.00/hour
Job Title : Security Gov Risk, Compliance Analyst
Job type : 6-month contract with high potential to extend ( high probability to extend for the right talent ...
Experience Level : (4+) years’ experience working in governance, risk, and compliance and/or information security and risk management.
Location : 1740 Technology Dr STE 150, San Jose CA 95110 United States (100% Remote )
Schedule : Weekdays (40 hours /week )
Pay Range : $70.00/hour - $90.00/hour + subsidized benefits on Experis’ W-2 (Dental, Healthcare, Vison, 401k)
Job ID : 227577 / Client reference Number 217
Number of Open Positions : 1
C2C: No C2C/Corp-to-Corp accepted.
Summary:
Reporting to the Director Information Security, Governance, Risk, and Compliance, the GRC analyst will contribute to the development and operational execution of the program, including risk management and compliance with standards and regulations such as ISO27001 and EU GDPR.
Job Responsibilities:
• Support the GRC operating model and the service-oriented customer engagement model.
• Support GRC capabilities, such as enterprise security risk management, compliance and audit management, policy management, security awareness training, third party risk management, and metrics and reporting.
• Assist to manage security compliance programs and activities that support various compliance regulations.
• Perform risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
• Collaborate with various operational and business teams to complete assessments and drive remediation items to closure. Maintain accurate reporting of remediation activities to bring appropriate visibility to stakeholders and leadership.
• Monitor the security risk profiles and events of our suppliers to objectively determine high risk suppliers that require additional review and treatment plans.
• Establish and maintain security metrics and reporting.
• Respond to customer security/compliance questionnaires.
• Act as security risk management “ambassador” to internal customers.
• Support the development of automation activities.
Accountable for:
• The use of defined risk methodologies and best practices to perform IT/Security assessments. Responsible for the planning, scoping, tracking, and execution of these assessments.
• Driving remediation activities from identification, remediation plan and closure. Hold owners accountable to delivery of remediation solution within the agreed upon/reasonable SLA.
• Operations and improvements of security audit and compliance programs to support various compliance regulations.
• Operationalization of a metrics and reporting function to continually report on meaningful security, risk and compliance metrics for operational and executive management. Support the automation of KRIs and KPI reporting that align with operational/business risk areas and corporate risk.
Job Qualifications:
• Candidate must have 4+ years working in governance, risk and compliance and/or information security and risk management.
• Candidate must have 2+ years working on 3rd party and supply chain risk assessments.
• Functional knowledge of the CISSP security domains and information security industry standard and best practices.
• Functional knowledge of applicable security regulatory requirements (SOX, GDPR).
• Functional knowledge of ISMS governance models (i.e. ISO 27001, NIST, CAIQ), information security roles, security controls.
• Functional knowledge of common security certifications (i.e. ISO 27001, SOC1, SOC2, WebTrust) and ability to glean significance from findings identified in these reports.
• Ability to communicate risk methodologies and concepts to business units and IT teams.
• Demonstrated experience with controls definition, development, implementation and assessment.
• Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
• Strong attention to detail, project management and organizational skills.
• Self-starter with the ability to effectively manage independent workloads asynchronously with stakeholders across multiple time zones.
Benefits:
• Medical, Dental, Vision, 401k
• Weekly pay with direct deposit
• Consultant Care support
• Free Training to upgrade your skills.
• Dedicated Career Partner to help you achieve your career goals Show more details...
Job type : 6-month contract with high potential to extend ( high probability to extend for the right talent ...
Experience Level : (4+) years’ experience working in governance, risk, and compliance and/or information security and risk management.
Location : 1740 Technology Dr STE 150, San Jose CA 95110 United States (100% Remote )
Schedule : Weekdays (40 hours /week )
Pay Range : $70.00/hour - $90.00/hour + subsidized benefits on Experis’ W-2 (Dental, Healthcare, Vison, 401k)
Job ID : 227577 / Client reference Number 217
Number of Open Positions : 1
C2C: No C2C/Corp-to-Corp accepted.
Summary:
Reporting to the Director Information Security, Governance, Risk, and Compliance, the GRC analyst will contribute to the development and operational execution of the program, including risk management and compliance with standards and regulations such as ISO27001 and EU GDPR.
Job Responsibilities:
• Support the GRC operating model and the service-oriented customer engagement model.
• Support GRC capabilities, such as enterprise security risk management, compliance and audit management, policy management, security awareness training, third party risk management, and metrics and reporting.
• Assist to manage security compliance programs and activities that support various compliance regulations.
• Perform risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
• Collaborate with various operational and business teams to complete assessments and drive remediation items to closure. Maintain accurate reporting of remediation activities to bring appropriate visibility to stakeholders and leadership.
• Monitor the security risk profiles and events of our suppliers to objectively determine high risk suppliers that require additional review and treatment plans.
• Establish and maintain security metrics and reporting.
• Respond to customer security/compliance questionnaires.
• Act as security risk management “ambassador” to internal customers.
• Support the development of automation activities.
Accountable for:
• The use of defined risk methodologies and best practices to perform IT/Security assessments. Responsible for the planning, scoping, tracking, and execution of these assessments.
• Driving remediation activities from identification, remediation plan and closure. Hold owners accountable to delivery of remediation solution within the agreed upon/reasonable SLA.
• Operations and improvements of security audit and compliance programs to support various compliance regulations.
• Operationalization of a metrics and reporting function to continually report on meaningful security, risk and compliance metrics for operational and executive management. Support the automation of KRIs and KPI reporting that align with operational/business risk areas and corporate risk.
Job Qualifications:
• Candidate must have 4+ years working in governance, risk and compliance and/or information security and risk management.
• Candidate must have 2+ years working on 3rd party and supply chain risk assessments.
• Functional knowledge of the CISSP security domains and information security industry standard and best practices.
• Functional knowledge of applicable security regulatory requirements (SOX, GDPR).
• Functional knowledge of ISMS governance models (i.e. ISO 27001, NIST, CAIQ), information security roles, security controls.
• Functional knowledge of common security certifications (i.e. ISO 27001, SOC1, SOC2, WebTrust) and ability to glean significance from findings identified in these reports.
• Ability to communicate risk methodologies and concepts to business units and IT teams.
• Demonstrated experience with controls definition, development, implementation and assessment.
• Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
• Strong attention to detail, project management and organizational skills.
• Self-starter with the ability to effectively manage independent workloads asynchronously with stakeholders across multiple time zones.
Benefits:
• Medical, Dental, Vision, 401k
• Weekly pay with direct deposit
• Consultant Care support
• Free Training to upgrade your skills.
• Dedicated Career Partner to help you achieve your career goals Show more details...
Norton safe Web