Lead Governance, Risk and Compliance Analyst - Security

May 14

Apply Now

Receive Emails with Similar Jobs

Arctic Wolf

WebsiteLinkedInAll Job Openings

The cybersecurity industry has an effectiveness problem. Every year new technologies, vendors, and solutions emerge, and yet despite this constant innovation we continue to see high profile breaches in the headlines. All organizations know they need better security, but the dizzying array of options leave resource-constrained IT and security leaders wondering how to proceed. At Arctic Wolf, our mission is to End Cyber Risk through effective security operations. To achieve this, we believe that organizations must do three key things:

Cybersecurity • Security Information Event Management • Managed Security Operations Center • Managed Security Services • Big Data Security

1001 - 5000 employees

Founded 2012

📋 Description

• The Lead Governance, Risk, & Compliance Analyst works with cross-functional stakeholders to identify/manage the security & privacy risks and establish governance and compliance processes across our organization. • This role is hands-on but also keeps a broader view on creating processes and policies that align with, and enhance, the AW growth strategy. • Role entails working collaboratively across teams to shape AW’s information security program to ensure that AW protects the confidentiality, integrity, and availability of AW’s customer & internal data and that management, operational, and technical security controls are implemented across all products and solutions in accordance with compliance standards underlying the external certifications/attestations. • Responsibilities Plan, execute, and report on various types of Security/Privacy GRC reviews, including post-remediation validations • Conduct ongoing risk assessments and assist in developing and executing a dynamic risk assurance plan to address high-risk areas • Lead improvements and design of innovative industry-wide compliance and controls across the Organization • Lead compliance related change management initiatives within the Team and across the Organization • Lead handling complex issues with internal auditors and/or external regulators • Craft and communicate effective data-driven reporting and updates to influence decisions and outcomes internally • Develop and maintain tight coordination with various AW cross-functional teams

🎯 Requirements

• Must have demonstrable experience in both building and operating CMMC, FedRAMP certification programs. • Additional NIST, PCI DSS, ISO, SOC2 or other similar governance and compliance frameworks is preferred. • Effective project management skills, as well as excellent verbal and written communication skills • Analytical capacity and experience adding structure in a complex, ambiguous environment • Strong cross-group collaboration and team player, dealing with complex problems, resolving conflicts, and experience influencing cross-functionally, and with executive-level audiences • Ability to quickly adapt to shifting priorities, demands and timelines through both analytical and problem-solving capabilities • Ability to analyze fragmented inputs (critical thinking), synthesize key attributes and recommend/deliver effective, balanced recommendations and outcomes • Deep understanding of security, privacy, regulatory requirements that may impact the tech industry • Minimum Qualifications Bachelors degree or equivalent work experience • 5 + years of experience in managing compliance programs – must show demonstrable experience leading, building and running programs that led to security certifications for the organization • Preferred Qualifications Master’s degree in business, management information systems, or related field • Experience managing a team both directly and in a matrixed fashion • CISSP, CRISC, CISA or equivalent certification preferred • 10+ years directly related experience

🏖️ Benefits

• Equity for all employees • Flexible time off and paid volunteer days • RRSP and 401k match • Training and career development programs • Comprehensive private benefits plan including medical, mental health, dental, disability, life and AD&D, and value-added services • Robust Employee Assistance Program (EAP) with mental health services • Fertility support and paid parental leave