Monday, July 2, 2018

GRC/Security Analyst

Position : GRC/Security Analyst
Location : San Jose, CA
Duration : 6 Months Contract
Rate : DOE
Interview mode : Phone and F2F interview or Skype

8 or more years of IT security and audit experience, with extensive knowledge of national/international security and risk management standards including NIST, PCI, CJIS, CMS, ISO, SOX, HIPAA, HITECH and other regulatory requirements.

Knowledge of GRC systems and security standards, and progressive experience documenting and performing security assessments and reviews.
1.    Assist the CJIS Program Manager/Administrator with the administration of the CJIS Security, Governance, Risk and Compliance (GRC) enterprise risk management processes.
2.    Engage and assist specific stakeholders/agencies with risk assessment processes, and identify gaps in security control environment and CJIS compliance requirements.
3.    Perform gap analysis of security requirements implemented within the business unit/agency application(s) and operations according to Corporate processes, statute, regulation, standards and CJIS policies.
4.    Provide guidance to staff with standard interpretation of CJIS/NIST/FedRAMP controls and other security statutory and regulatory requirements.
5.    Assist with policy/process/procedure development and documentation along with entering information into GRC systems to complete risk assessment, analysis and processes.  
6.    Assist with GRC volume of work for business units/agencies.
7.    Assist with establishing Cyber Security/Risk Management Frameworks. 
8.    Work with the team to improve processes.
9.    Other risk management/cyber security related tasks as assigned.

Skills & Ideal Experience

·         Information Technology Experience – Required – 6 Years
·         IT Security and/or Audit Experience – Required – 6 Years
·         PCI, NIST, FISMA, HIPAA, CJIS, or related experience – Required – 5 Years
·         Experience working in large, complex business and/or IT environments – Required – 6 Years
·         Bachelor's or Master's degree in Computer Science, MIS, Business, Accounting, or Engineering (or related) – Required – 4 Years
·         Technical skills: knowledge and experience in IT security statutes, regulations, and standards; experience in GRC tool(s) – Required – 5 Years
·         CISSP/CISM/CISA certifications – Preferred
·         AWS Cloud experience and certifications – Preferred
·         Practical experience with commercial and/or Federal Government Governance, Risk & Compliance platforms – Required – 3 Years
·         Practical experience working with business and IT/LOB stakeholders to complete Risk Assessments – Required – 3 Years
·         8-10 total years related experience, ideally in a fast-paced startup environment.
·         Experience building solid configuration management for rapid application deployment and pipeline environments.
·         Results-oriented, collaborative professional with ability to work successfully in a highly matrixed organization.
·         Clear communicator who is very conducive to working in a team environment and helps lift team spirit.
·         Grit, drive and a strong feeling of ownership.
·         Innovative professional with a bias towards action rather than simply maintaining status quo.

Manoj Kukreja
Technical Recruiter
Amiga Informatics Inc.
501, S. Broadway Hicksville, NY 11801
Direct - 516-666-8065  : Board - 516-531-9060 Ext -118