Overview
On Site
Full Time
Skills
SAP GRC
Oracle Linux
JD
API
SFTP
Knowledge Base
Security Analysis
Auditing
SANS
Security Controls
NIST SP 800 Series
COBIT
Information Security
NIST 800-53
System On A Chip
PCI DSS
Risk Assessment
Certified Ethical Hacker
Risk Management
CISA
CISM
CISSP
ISO/IEC 27001:2005
Job Details
- Sr GRC Analyst - $56 on w2 or 676 on c2c
JD:
Perform vendor risk assessments against all security domains
Perform technical implementation assessments from a security perspective related to vendor integrations (i.e. API integrations, SFTP integrations, etc.) to validate the secure implementation of the third party service at PANW
Maintain and expand Customer Trust knowledge base
Support PANW customer security assessment requests
Support PANW customer audits
SKILLS
Excellent understanding and practical application of industry security frameworks including SANS Critical Security Controls, CIS Controls, ISO 27001, NIST SP 800-53, PCI DSS, and SOC2.
Great understanding of IT control frameworks (COBIT) and IT general controls
Strong knowledge of information security concepts, risk and controls concepts
Strong knowledge of standards such as ISO 27001/2, NIST CSF, NIST 800-53, TSC 2017 (SOC2), PCI DSS, etc. Ability to configure and/or maintain 3rd party vendor risk management tools (such as OneTrust vendor assessment or a similar tool ) for third party risk assessments is a plus
One or more certifications such as CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer
Bachelor's Degree in Technology or Risk Management
CISA/ CISM/CISSP certification, ISO 27001 (Lead Auditor) preferred
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.