Sr GRC Analyst
Spark Tek Inc · San Jose, CA · 1 mo ago
On-siteBusiness Development$56/hrFull-time
Skills
- Excellent understanding and practical application of industry security frameworks including SANS Critical Security Controls, CIS Controls, ISO 27001, NIST SP 800-53, PCI DSS, and SOC2.
- Great understanding of IT control frameworks (COBIT) and IT general controls
- Strong knowledge of information security concepts, risk and controls concepts
- Strong knowledge of standards such as ISO 27001/2, NIST CSF, NIST 800-53, TSC 2017 (SOC2), PCI DSS, etc.
- Ability to configure and/or maintain 3rd party vendor risk management tools (such as OneTrust vendor assessment or a similar tool ) for third party risk assessments
- One or more certifications such as CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer
Qualifications
- Bachelor's Degree in Technology or Risk Management
- CISA/ CISM/CISSP certification, ISO 27001 (Lead Auditor) preferred