IT Governance, Risk and Compliance (GRC) Analyst (Security Team) - Remote
BERWYN, PA, US, 19312
Applications have closed
At TE, you will unleash your potential working with people from diverse backgrounds and industries to create a safer, sustainable and more connected world.
Job Overview
The ideal candidate for the IT Governance, Risk and Compliance (GRC) Analyst (Security Team) role will have a strong desire to be part of a growing information security team in a high-volume, dynamic environment. The IT GRC Analyst is a key member of the GRC team within TE’s Security & Risk Management (SRM) function. The SRM function is part of TEIS (TE Information Solutions) and has global enterprise-wide responsibility for information/cyber security, technology risk and controls, IT compliance and related areas across TE Connectivity.
RESPONSIBILITIES
- This person will focus on the execution and coordination of IT security governance, risk and compliance processes related to a broad range of global government and industry regulations and requirements.
- Lead IT control testing and gap analysis in support of TE’s information security programs, including Sarbanes-Oxley (SOX), the US Defense Federal Acquisition Regulation Supplement (DFARS) 7012 and Cybersecurity Maturity Model Certification (CMMC).
- Work with business and technical groups to assess IT risks, recommend enhanced governance and controls, perform self-assessments and recommend improvements in control design.
- Create and maintain documentation regarding TE’s security and operational controls to support audits and certifications.
- Oversee and govern security controls that should meet TE global IT policy and regulatory requirements.
- Perform and update IT risk assessments, maintain governance repositories and documentation and leverage security metrics to track progress.
- Ensure data subject to regulations and advanced protection requirements is safeguarded during M&A and IT transformation activities.
- Work with corporate and BU Legal teams to ensure alignment on cyber risk reporting requirements and customer contractual requirements, and serve as a point person for segment and BU CIOs.
- Identify gaps in the design and operating effectiveness of controls and identify improvements that reduce risk and/or align TE with industry recognized internal control frameworks.
- Complete security assurance questionnaires from internal and external stakeholders, including customers and cyber-insurers.
What your background should look like:
• General knowledge of information security and controls and related technologies, including identity & access management; database, operating system, and network security; endpoint security; application security; data protection and leakage; vulnerability management; security logging and monitoring.
• Familiarity with regulations relevant to IT security and compliance for a public, global manufacturing company (e.g. SOX, PCI, HIPAA, US and international privacy regulations; US and international cybersecurity regulations and export restrictions such as DFARS, ITAR and UKML) and/or Controls Frameworks (e.g., COSO, COBIT, NIST, ISF Standards of Good Practice, ISO 27001); and industry or regionally specific certifications (e.g., TISAX; UK CyberEssentials).
• Experience with any of the following is a plus: manufacturing and OT/ICS systems; support of or experience with Risk Management Systems (e.g. Archer or others); IT audit; governance for IT outsourcing; risk management frameworks; and Kaizen/lean methodologies.
• Ability to track and manage numerous parallel activities.
• Ability to identify opportunities for continuous improvement and execute on them.
• Ability to work efficiently and independently with minimal supervision (i.e., self-motivated, and willing to stretch to meet important deadlines).
• Ability to work successfully in a cross-functional team environment.
• Bachelor’s degree (High School +4 years)
• Active security certification (CISSP, CISM, CRISC or CISA) or equivalent is a plus
• Years of experience: 4 - 7 years or more
Competencies
Values: Integrity, Accountability, Inclusion, Innovation, Teamwork
ABOUT TE CONNECTIVITY
TE Connectivity is a global industrial technology leader creating a safer, sustainable, productive, and connected future. Our broad range of connectivity and sensor solutions enables the distribution of power, signal and data to advance next-generation transportation, renewable energy, automated factories, data centers, medical technology and more. With more than 85,000 employees, including 8,000 engineers, working alongside customers in approximately 140 countries, TE ensures that EVERY CONNECTION COUNTS. Learn more at www.te.com and on LinkedIn, Facebook, WeChat, Instagram and X (formerly Twitter).
COMPENSATION
• Competitive base salary commensurate with experience: $116,560-174,840 (subject to change dependent on physical location)
• Posted salary ranges are made in good faith. TE Connectivity reserves the right to adjust ranges depending on the experience/qualification of the selected candidate as well as internal and external equity.
• Total Compensation = Base Salary + Incentive(s) + Benefits
BENEFITS
• A comprehensive benefits package including health insurance, 401(k), disability, life insurance, employee stock purchase plan, paid time off and voluntary benefits.
EOE, Including Disability/Vets