Epicareer Might not Working Properly
Learn More

Cybersecurity Risk & Compliance Analyst

  • Full Time, onsite
  • Global Bridge InfoTech Inc.
  • Remote, United States of America
Salary undisclosed

Apply on


Original
Simplified

Senior Analyst (Cybersecurity Risk & Compliance)
Long Term Contract
Irving, TX (Remote)

Job Details:

Resource will identify, assess, and mitigate cybersecurity risk, focusing on automating and optimizing cybersecurity controls. The role will leverage OneTrust s capabilities to evaluate the effectiveness of security controls, ensure compliance with relevant frameworks, and streamline risk management processes. The ideal candidate will have deep knowledge of cybersecurity risk management, regulatory compliance, and hands-on experience with OneTrust or similar platforms.
The analyst will partner with the business, IT, and security organizations to coordinate the mitigation of identified risks and automate the controls to achieve a higher compliance level of mandated regulations, standards, and policies within the organization.
Essential Functions
Use OneTrust to automate and manage cybersecurity controls across the organization, ensuring they are appropriately implemented and effectively mitigate risks.
Coordinate and participate in managing the risk register and risk mitigation efforts, including managing the risk exception process.
Develop and maintain an inventory of cybersecurity controls mapped to industry standards (e.g., NIST, ISO 27001, CIS) and regulatory requirements (e.g., GDPR, CCPA, PCI-DSS, and SOX)
Develop assessment questionnaires and conduct compliance assessments to identify gaps in existing controls and recommend mitigation strategies, leveraging OneTrust s automation and assessment tools.
Collaborate with key stakeholders (IT, Compliance, and Legal) to ensure that risks are understood, assessed, and appropriately addressed.
Generate risk and control assessment reports and dashboards for senior leadership, identifying key risks, mitigation progress, and controls effectiveness metrics.
Lead efforts to document and maintain up-to-date policies and procedures related to cybersecurity risk management and control automation.
Requirements:
The ideal candidate will possess the following:
Bachelor s degree in Information Security, Information Technology, Information Systems Management, Computer Science, Engineering, or related field(s).
5+ years of experience using OneTrust or similar risk management and GRC platforms to automate control testing, risk assessments, and compliance tracking.
Strong understanding of cybersecurity controls, risk mitigation strategies, and how they apply to data protection and privacy compliance.
Ability to analyze complex cybersecurity risks, identify control weaknesses, and recommend actionable mitigation strategies.
Security and Compliance certifications such as CISSP, CISA, CISM, CGEIT, or CRISC. Candidates with CISSP will be preferred.
Technical Knowledge
The candidates MUST possess a solid working knowledge of:
o Identity and Access Management & Governance concepts and technologies such as Microfocus NetIQ (including IGA), Active Directory, Centrify, Entra, etc.
o Vulnerability Management platforms such as Rapid7.
o IT asset management utilizing ServiceNow (or other) Configuration Management Databases (CMDB) and network asset discovery tools.
o Control frameworks and control objectives (ex NIST CSF, NIST RMF, PCI-DSS, SOX, GDPR, CCPA, etc.)
o Operating systems, databases, and middleware components.
o Conducting compliance and risk assessments.
o Management of IT and security projects.
o Office 365 tools (Word, Excel, SharePoint, Entra, OneDrive, Teams, and PowerPoint)
Work Environment Characteristics
Self-motivated and results-oriented, including the ability to prioritize conflicting demands.
Exceptional organizational skills to balance work and lead projects.
Strong verbal and written skills.
The candidate must build consensus, collaborate, and build strong relationships with various internal and external stakeholders (business, development, security, etc.).
Ability to adapt and apply information to new scenarios and technologies

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job