GRC Analyst
United States
Barracuda Networks Inc.
Barracuda Networks is the worldwide leader in Email Protection, Application Protection, Network Security, and Data Protection Solutions- Atlassian Cloud, GitHub, Enterprise Risk Assessment tools, Identity & Access Management tools, Third Party Risk Management tools,
- Develop and maintain information security policies, procedures, standards, and guidelines based on best practices and regulatory and legal compliance
- Assist with 3rd Party Supplier Security Risk Management
- Maintain security and data privacy risk inventory across the enterprise
- Ensure adequate and effective IT controls exist to meet applicable current and future security compliance requirements found in laws, regulations, and frameworks, such as requirements to comply with SSAE 16 SOC I & II, ISO 27001, NIST/StateRAMP, etc.
- Facilitate and support the gathering, reviewing, assembling, and maintaining of internal and external audit evidence and related documentation; work with external auditors to assist in the completion of annual compliance audits
- Assist with user access/identity management reviews from automated and manual systems
- Collaborate with cross-functional teams to integrate compliance requirements
- Monitor and review regulatory updates and issues relative to pertinent security regulatory requirements.
- Drive continuous improvement efforts to enhance IT compliance and governance practices.
- 5+ years of experience in IT compliance, governance, or related roles
- Expert knowledge of industry-specific regulatory requirements and compliance frameworks for cloud providers (FedRAMP/DoD, SOC, ISO, HIPAA, PCI-DSS)
- Experience integrating and automating IAM systems/tools.
- Deep understanding of IT governance frameworks and risk management methodologies
- Prior experience with cloud providers and/or data centers a plus
- CISA and other industry certifications such as CISSP, CISM, or equivalent a plus
- Have a passion for and desire to develop expertise in network security and data protection products and technology
- Excellent project management and organizational skills.
- Excellent written and verbal communication skills
- Ability to work efficiently with minimal oversight/direction as well as part of multiple project teams
- Comfortable in a fast-paced, ever-changing, rapid-growth, fun environment with multiple projects and tasks
- Possess high ethical standards, level of commitment and ability to cope with complexity and change
- Responsible, flexible and a highly motivated self-starter
- Equity, in the form of non-qualifying options
- High-quality health benefits
- Retirement Plan with employer match
- Career-growth opportunities
- Flexible Time Off and Paid Time Off benefits
- Volunteer opportunities.
Individuals in Colorado, California, New York City, Washington State, and Westchester County (NY) are not eligible to apply for this position.
Tags: Audits CISA CISM CISSP Cloud Compliance DoD FedRAMP GitHub Governance HIPAA IAM ISO 27001 Network security NIST Privacy Risk assessment Risk management SOC
Perks/benefits: Career development Equity / stock options Flex hours Flex vacation Health care