GRC Security Analyst

Bengaluru, Karnataka

Cyderes

Cyderes offers tech-enabled managed security services for real-time risk and compliance management in modern enterprises.


Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients’ cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States, Canada, the United Kingdom, and India.
About the Job: As a Governance, Risk, and Compliance (GRC) Security Analyst, you will play a critical role in safeguarding our organization's information assets by ensuring compliance with relevant regulations, standards, and best practices. You will be responsible for assessing risks, developing policies and procedures, and implementing controls to mitigate security threats and ensure adherence to compliance requirements. This role requires a strong understanding of information security principles, regulatory frameworks, and risk management practices.

Responsibilities:

  • Risk Assessment: Conduct comprehensive risk assessments to identify potential security vulnerabilities and threats to the organization's information assets.
  • Compliance Management: Ensure compliance with relevant regulations such as GDPR, HIPAA, PCI-DSS, ISO 27001, and other industry-specific standards.
  • Policy Development: Develop and maintain information security policies, procedures, and standards in alignment with regulatory requirements and industry best practices.
  • Control Implementation: Implement and manage security controls to mitigate identified risks and vulnerabilities effectively.
  • Security Awareness: Develop and deliver security awareness training programs to educate employees about security policies, procedures, and best practices.
  • Incident Response: Collaborate with the incident response team to investigate security incidents, assess the impact, and implement remediation measures.
  • Vendor Risk Management: Assess and manage security risks associated with third-party vendors and service providers.
  • Security Audits and Assessments: Coordinate and participate in internal and external security audits, assessments, and compliance reviews.
  • Documentation and Reporting: Maintain accurate documentation of security policies, procedures, risk assessments, and compliance activities. Generate regular reports for management and stakeholders.
  • Continuous Improvement: Monitor emerging security threats and regulatory changes, and recommend enhancements to security controls and processes to improve the overall security posture of the organization.

Requirements:

  • Relevant certifications such as CISSP, CISA, CISM, or CRISC are preferred.
  • Proven experience in information security, risk management, or compliance roles.
  • Strong understanding of information security principles, standards, and best practices.
  • Knowledge of relevant regulatory requirements and frameworks (e.g., GDPR, PCI-DSS, ISO 27001).
  • Experience with risk assessment methodologies and tools.
  • Excellent analytical and problem-solving skills.
  • Effective communication and interpersonal skills, with the ability to collaborate cross-functionally.
  • Ability to work independently and prioritize tasks in a dynamic environment.
  • Attention to detail and a commitment to maintaining high standards of quality and compliance.
  • Continuous learning mindset to keep abreast of the latest security trends, technologies, and regulatory changes.
Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.

Tags: Audits CISA CISM CISSP Compliance CRISC Cyber defense GDPR Governance HIPAA IAM Incident response ISO 27001 Risk assessment Risk management Vulnerabilities

Perks/benefits: Career development

Region: Asia/Pacific
Country: India
