Information Security GRC Analyst 2
Phoenix, Arizona, United States
Full Time Mid-level / Intermediate USD 81K - 99K
Swift Transportation
Accelerate your Career!
At Swift, our greatest asset is OUR PEOPLE! We strive to be the best and give our best every day. We are passionate about learning and cultivating an environment of safety, honesty and mutual respect. We are a family where everyone has a voice and plays an essential role in our overall success and the success of our drivers. Your voice and perspective matter at Swift Transportation. We understand that you are the subject matter expert, and we trust you to ideate and execute those ideas based on the best interest of the company.
Be a part of something bigger. Be a part of the #1 full truckload carrier in the nation. Be a part of Swift Transportation.
Job Responsibilities: What you will do
Support Knight-Swift's IT governance, risk management, and compliance (GRC) initiatives by aligning practices with standardized controls, relevant recommendations, and internal policies to improve security and resilience. Collaborate with cross-functional teams to assess risks and track mitigations. Establish sustainable strategies and measurable processes to ensure that mitigations improve over time.
- Enforce security policies, controls, standards, procedures, contractual obligations, and regulatory requirements. Assist in developing, reviewing, maintaining, and updating policies, controls, standards, and procedures.
- Maintain awareness of existing and proposed regulatory requirements such as State and/or Federal legislation and regulations pertaining to information security and data privacy.
- Perform risk assessments and track projects to identify, validate, and mitigate risks.
- Perform assessments of vendor risk, develop mitigation plans and partner with stakeholders to assign monitoring responsibility.
- Conduct investigations and reviews of security exceptions to mitigate deficiencies.
- Identify and recommend detailed compensating controls when ideal mitigations are unavailable or delayed.
- Use qualitative and quantitative methods to monitor assets, risks, and mitigations.
- Develop, maintain, and update relevant documentation to support the continued maturity of security and resilience programs.
- Include artifacts in documentation as evidence of compliance, updated periodically.
- Prepare status updates and reports for management on security and resilience matters.
- Provide security and resilience expertise on complex issues that involve combinations of platforms and computing environments.
- Act as a liaison to business and IT groups and assist them in the implementation of data privacy, compliance requirements, and information security technologies.
- Provide guidance to less experienced staff.
- Support security awareness training programs and assist in training delivery, as a secondary/backup function.
- Proactively work to assist others in achieving the organization's objectives.
Copy and paste URL into browser to view full description: https://knxtrans.jdxpert.com/ShowJob.aspx?EntityID=2&id=7935
Qualifications: What you need to bring
- 5+ years' experience in Enterprise IT, 2 of which are in cybersecurity or GRC, required.
- Previous experience with networking, databases, systems, applications, SaaS and other cloud technologies preferred.
- Bachelor's in IT or related field, or equivalent combination of education and/or work experience required.
- Professional certifications such as CISSP, CGRC, CRISC preferred.
- Must have strong knowledge of industry standards and frameworks, such as ISO27001, ISO27002, SOC2, CIS Controls, NIST CSF.
- Must be well organized and detail oriented.
- Must be exceptional in establishing, maintaining, and updating documentation.
- Must have strong technical writing skills, business writing skills, and presentation skills.
- Must have strong analytical abilities and written and verbal communication skills.
- Must be able to multi-task and be flexible in completing assigned tasks.
- Must be a Power User in Microsoft 365 tools, especially Microsoft Excel.
- Must be familiar with Generative A.I. tools, such as Microsoft Copilot, for productivity and analysis purposes.
- Must be familiar with GRC tools.
Pay Range: $81,000.00 - $99,000.00 Annual
What we offer:
- Competitive starting salary commensurate with experience and geographic location.
- Potential bonus pay based on company performance.
- Opportunities to volunteer and give back to local communities.
- Comprehensive Benefits Package which includes:
  - 401(K)
  - Medical, Dental, Vision, Disability, Supplemental and Life Insurance
  - Paid Time Off
  - Employee Stock Purchase Plan
The Company is an equal employment opportunity employer. The Company's policy is not to unlawfully discriminate against any applicant or employee on the basis of race, color, sex, sexual orientation, gender identity, religion, national origin, age, military status, disability, genetic information or any other consideration made unlawful by applicable federal, state, or local laws. The Company also prohibits harassment of applicants and employees based on any of these protected categories.
Tags: CGRC CISSP Cloud Compliance CRISC Governance ISO 27001 ISO 27002 Monitoring NIST Privacy Risk assessment Risk management SaaS SOC 2
Perks/benefits: Career development Competitive pay Equity / stock options Flex vacation Health care Insurance Salary bonus