Security Compliance Analyst

Job Description The IT Governance, Risk, and Compliance (GRC) team functions include maintaining and auditing information security controls to ensure conformance or compliance with applicable standards and local laws and regulations; enterprise-wide IT security awareness programming; monitoring compliance with security policy and applicable law. Participate in risk assessments, third party risk reviews, and assisting with audit/compliance activities. RESPONSIBILITIES Perform security risk assessments for business and technology initiatives such as new vendors, critical vendors, and supporting software by reviewing security questionnaire responses, utilizing web app scanning technology and open-source software scanning technology, reviewing security compliance reports such as ISO27001, SOC 2, CSA, SIG, and more. Provide IT security due diligence reviews for sales and client functions. Assist in coordinating security awareness programming, including IT policy maintenance. Review policies...