Senior Security Analyst GRC
Entegral is seeking an ambitious and talented career-minded security professional who would like to make a difference in utilizing their skill set while working in a thriving agile-methodology software development environment. Entegral creates integrated systems that enable communication and collaboration between tens of thousands of collision repair shops, insurance providers and other industry professionals around the world.
What you'll do
You'll provide information security subject matter expertise in Governance, Risk and Compliance to help maintain and improve the company’s security posture by developing, testing, implementation, and maintenance of security policies and programs. Performing security risk and compliance assessments, reporting on results of such assessments, and helping develop and maintain key performance metrics to monitor and measure compliance with established policies and standards. You'll also ensure that appropriate security is designed into our IT applications and that appropriate and effective security policies are in place to support the business requirements and meets information security principles.
Your other responsibilities in the role will include:
- Proactively monitor changes in industry standards, laws and regulations, contractual requirements, organization’s technology and organizational landscape, risk profile, and risk appetite. Analyze applicability and impact, and translate into policies and standards changes.
- Maintain information security policies, standards, and technical guidelines to support business objectives and regulatory compliance
- Provide subject matter expertise for policy content, intent, and applicability of security requirements
- Promote and disseminate policy, standards, and technical guidance to the organization through the creation and delivery of presentations and white papers for medium to large audiences
- Develop, maintain, and execute security and risk assessment methodologies and operational processes
- Effectively and professionally collaborate with IT stakeholders to determine and validate risk treatment options
- Maintain a thorough understanding of the company’s security posture, capabilities, and stakeholders
- Protect our customers, our employees, and our brands by incorporating security and compliance in all decisions and daily job responsibilities; follow security policies and procedures; maintain a high degree of confidentiality
- Manage, organize and prioritize multiple assignments and tasks simultaneously with a proven track record for delivering results.
- Commit to incorporating security into all decisions and daily job responsibilities
- Embrace the need to dynamically evolve and stay current in knowledge of the business, its technology and industry information security arenas
The skills you'll need
To succeed in this role, it's essential that you have strong IT security knowledge in relation to IT applications, web applications, operating systems and cloud architecture with a very good understanding of risk management and governance. CISSP certification is preferred.
You should also:
- Demonstrate strong documentation, communication skills, and possess the ability to deliver formal and informal presentations to a diverse audience.
- Knowledgeable in Information Security and Governance in a SaaS environment.
- Have strong experience providing security consultancy to both business and IT stakeholder and have good stakeholder management skills.
- Show good analytical skills, being able to analyze complex systems and scenarios to identify IT and information security risks.
- Possess a bachelor's degree in Cyber Security, Computer Science, Computer Information Systems, Management Information Systems, or have an equivalent combination of education and experience.
Equal Opportunity Employer/Disability/Veterans
To view the complete position description as well as apply
https://www.entegral.com/en/company/careers.html
To find out more about Entegral and what we do
https://www.entegral.com/