Information Security Senior Analyst

Company:Driven Brands

We invite you to join us at Driven Brands!

Headquartered in Charlotte, NC, Driven Brands (NASDAQ: DRVN) is the largest automotive services company in North America, providing a range of consumer and commercial automotive needs, including paint, collision, glass, vehicle repair, oil change, maintenance and car wash.

With over 4,500 centers in 15 countries, Driven Brands is the parent company of some of North America’s leading automotive service brands including Take 5 Oil Change, Take 5 Car Wash, Driven Glass, Meineke, Maaco, CARSTAR, and more.  Our network services over 50 million vehicles annually and generates more than $5 billion in system-wide sales each year.

Our culture inspires high performance and innovation, enabling our employees to go further, faster in their careers. With amazing people and great brands, we confidently look forward to exciting growth ahead, and believe in following the values that support this vision.

JOB DESCRIPTION:

Responsibilities

• Perform risk assessments and audit reviews and make appropriate recommendations for improvement.
• Develop and formulate comprehensive reports detailing the findings, areas of non-compliance, required POA&Ms (Plan of Action and Milestones), environmental observations, and incident reports.
• Review, update, and manage security-related audit plans, security plans, and risk plan documentation for accuracy and consistency, proactively solving problems.
• Maintain the team risk register and collaborate across IT to drive risk mitigation and resolution. 
• Prepare audit documentation that supports audit results, drafting and editing audit findings to adhere to the standards and the agency's writing style.
• Collect and review evidence to ensure we can attest security controls are operating effectively.
• Develop, review, and manage IT Policies, Procedures, Standards, and Guidelines.
• Research agency and industry IT security best practices, standards, laws, regulations, and other applicable resources, to ensure security and privacy framework compliance.
• Direct third-party security risk assessments and research and recommend remediation plans and strategies. 
• Create reports, summaries, presentations, and process documents to display results.
• Influence and negotiate appropriate actions to mitigate or prevent failures related to identified risks.
• Collaborate with other team members and external and internal auditors to analyze and present data effectively.
• As needed, assist with security project implementations related to risk management or internal team needs.
• Keep informed of current risks, security issues, threats, protection strategies, or legal and regulatory developments.
• Serve as a mentor to less experienced staff.

Qualifications

• Bachelor’s Degree or security/compliance certifications.
• 2+ years of direct experience as a senior security analyst.
• Familiarity with security control frameworks such as NIST, ISO 27001, etc.
• Familiarity with privacy regulations such as CCPA, GDPR, etc.
• Ability to effectively communicate on complex issues with a high level of effectiveness.
• Must be a self-starter with the ability to manage multiple work assignments and priorities with urgent deadlines, maintaining excellent customer service skills, while working in a fast-paced team environment.
• Strong analytical, technical and communication (verbal and written) skills are required.
• Knowledge of IT Security concepts and controls.

• Candidate will also have experience with regulatory compliance from an Information Security perspective, broad knowledge across all information security domains, information security control testing experience, risk/compliance assessment experience, and technical writing skills.

#DBCORP

#REMOTE

#LI-LW1

Position Location:

North Carolina

Compensation Range:

$7.25 - $126,300.00

Compensation Frequency:

Annual

Base pay offered may vary depending on actual location, job-related knowledge, skills, and experience. Supplemental pay types may include commissions or bonus incentives, depending on the role. Driven Brands offers a variety of health and wellness benefits including paid time off and holiday pay. Details regarding our benefits can be found here: https://www.drivenbrandsbenefits.com