Sr GRC Analyst

  • Santa Clara, CA
  • Posted 3 days ago | Updated 7 hours ago

Overview

On Site
USD 80.00 - 82.00 per hour
Full Time

Skills

SAP GRC
SFTP
Knowledge Base
Security Analysis
SANS
COBIT
NIST 800-53
System On A Chip
PCI DSS
Configuration Management
Data Security
Information Security Governance
Identity Management
Vulnerability Management
Network Security
Authorization
Audit Management
Certified Ethical Hacker
Attention To Detail
Risk Management
Security Architecture
ISO/IEC 27001:2005
Information Security
Regulatory Compliance
Encryption
Articulate
Trading
Data Loss Prevention
API
FTP
Software Development Methodology
Risk Assessment
Auditing
Authentication
Asset Management
Change Management
Payment Card Industry
English
CISA
CISM
CISSP
Spectrum
Security Controls
Access Control
Training

Job Details

Job Description:
Duties:
  • Perform vendor risk assessments against all security domains
  • Perform technical implementation assessments from a security perspective related to vendor integrations (i.e. API integrations, SFTP integrations, etc.) to validate the secure implementation of the third party service at PANW
  • Maintain and expand Customer Trust knowledge base
  • Support PANW customer security assessment requests
  • Support PANW customer audits
Skills:
  • Excellent understanding and practical application of industry security frameworks including SANS Critical Security Controls, CIS Controls, ISO 27001, NIST SP 80053, PCI DSS, and SOC2.
  • Great understanding of IT control frameworks (COBIT) and IT general controls
  • Strong knowledge of information security concepts, risk and controls concepts
  • Strong knowledge of standards such as ISO 27001/2, NIST CSF, NIST 80053, TSC 2017 (SOC2), PCI DSS, etc.
  • Strong knowledge of security control domains such as Asset Management, Configuration Management, SDLC, Logging and Monitoring, Data Security, Network Security, Security Governance, Identity Access Management, Vulnerability Management, etc.
  • Proficiency in a wide spectrum of technical security controls encompassing logical access control, encryption , data loss prevention, secure coding practices, security architecture, vulnerability management, and network security technologies.
  • Expert in conducting Vendor risk assessments and understand risk exposure of technology deficiencies and translating them to business impact
  • Strong domain experience in security risk assessments
  • Working knowledge of risk treatment and exception processes
  • Strong knowledge of Security architecture design and review including key security controls related to authorization, authentication, and encryption of data in transit/at rest
  • Ability to configure and/or maintain 3rd party customer audit management tools (such as OneTrust Compliance Automation or a similar tool ) for automated evidence collection to support customer audits is a plus
  • Ability to configure and/or maintain 3rd party vendor risk management tools (such as OneTrust vendor assessment or a similar tool ) for third party risk assessments is a plus
  • One or more certifications such as CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer
  • Open to learning and working on new domains and technology
  • Good written and spoken communications skills to explain and articulate technical concepts effectively to stakeholders including system engineers, and auditors
  • Strong attention to detail and diligence
Education:
  • Bachelor's Degree in Technology or Risk Management
  • CISA/ CISM/CISSP certification, ISO 27001 (Lead Auditor) preferred
Required Skills:
  • Security Architecture
  • ISO 27001
  • Information Security
  • CISSP
  • Governance, Risk and Compliance
Additional Skills:
  • CISM
  • Encryption
  • Governance
  • Articulate
  • Trading
  • Translating
  • Data Loss Prevention
  • API
  • Access control
  • Secure file transfer protocol
  • CISA
  • SDLC
  • Risk Assessments
  • AUDIT
  • Authentication
  • PCI
  • NIST
  • Collection
  • Asset management
  • Change management
  • Coding
  • Payment Card Industry
Languages:
  • English ( Speak, Read, Write )
Minimum Degree Required:
  • Bachelor's Degree
Certifications & Licenses:
  • CISA
  • CISM
  • CISSP
  • Cissp Certification
  • Proficiency in a wide spectrum of technical security controls encompassing logical access control.
Note:

Pay Range: $80 - $82
The specific compensation for this position will be determined by a number of factors, including the scope, complexity and location of the role as well as the cost of labor in the market; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits including medical, dental, vision and 401K contributions as well as any other PTO, sick leave, and other benefits mandated by appliable state or localities where you reside or work.

#LI-KW
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About PTR Global