Sr. GRC Analyst

New York, NY, United States

Cantor Fitzgerald

Iconic global financial institution with world-class talent, providing specialized sector expertise, innovative products, and personalized solutions to clients across the globe.

View all jobs at Cantor Fitzgerald

Apply now Apply later

The Information Security-GRC (Governance Risk and Compliance) Team is looking for an experienced risk and compliance professional to help drive the efforts across Cybersecurity controls framework initiatives, such as user access recertification, policy management, vendor assessment and client due diligence. This role will also be responsible furthering Cantor’s and its entities Cybersecurity control design model in alignment with industry frameworks. The role will also work closely with adjacent teams focused on standards, stakeholder assurance, and engagement with technology owners.

Qualification Requirements:

  • 3-5 years of experience in risk and control management.
  • 3-5 years of combined experience in areas such as audit, accounting, operational risk management, information technology/security.
  • Knowledge of various risk and control framework standards such as NIST, COSO, CMMI, ISO, SOC1/2, CobiT, etc.
  • Exposure to mapping cybersecurity control frameworks and risk management processes.
  • Exposure to access management processes, such as user access recertification.
  • Experience with RCSA (Risk Control Self-Assessment).
  • Familiarity with cybersecurity controls and remediations.
  • Experience with problem solving in a team environment by thinking outside of the box and providing innovative solutions, with and without technology.
  • Experience in Microsoft 365 (Project, PowerPoint, Excel, Word)
  • Public accounting "Big Four" audit experience preferred.
  • CISA certification preferred.
  • SOX experience preferred.

The expected base salary for this position ranges from $90,000 to $130,000. The actual base salary will be determined on an individualized basis considering a wide range of factors including, but not limited to, relevant skills, experience, education, and where applicable, licenses or certifications held. In addition to the base salary and a competitive benefits package, this position may be eligible for additional types of compensation including discretionary bonuses and other short and long-term incentives (e.g., deferred cash, equity, etc.).

Apply now Apply later
Job stats:  0  0  0

Tags: CISA COBIT Compliance Governance NIST Risk management SOC 1 SOX

Perks/benefits: Competitive pay Equity / stock options

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.