Security/IT Audit Compliance Analyst (Privacy/GRC)

Recruiter: Tentek, Inc.
Location: Torrance
Salary: Competitive
Posted: 20 Nov 2020
Closes: 18 Dec 2020
Job role: Audit
Sector: IT/Telecoms
Contract type: Permanent
Hours: Full time


Description:

Duties on yearly audits will include:

  • Support third-party vendor risk assessment processes, utilizing strategic partnerships with multiple internal stakeholder groups (procurement, legal, and business-side operations).
  • Ensure companies are following all required Global & Regional policies/standards via assessments and audits of existing processes.
  • Partner with other internal non-IT and external groups to stay aware of the changing landscape, e.g., new legislation and changes to existing legislation.
  • Partner with all North America Honda companies to provide support and guidance on remediation/countermeasure plans for areas requiring strengthening in security & privacy.
  • Monitor and report on remediation/countermeasure status monthly, working with the remediation owners.
  • Support GRC project activities as required to achieve unit-level objectives; these may include but are not limited to: monitoring project progress, tracking non-compliant activities, resolving problems, publishing progress reports, remediation consultation, and driving remediation activities to completion.
  • Improve technical and business processes by studying current practices, identifying problems, and recommending solutions.
  • Support project managers as requested in performing daily, weekly, and monthly reviews and project updates.
  • Maintain and expand current documentation for policy & privacy compliance program activities as required in support of the daily operations.
  • Perform other assigned tasks as needed for the GRC Unit as requested by leaders.

Experience Needed:

  • Experience with information security, privacy, or a related field, preferably in the captive finance or banking industries
  • Understanding of third-party vendor risk management processes & practices (REQ)
  • General IT auditing process & practices (REQ)
  • Understanding of control frameworks NIST 800-53, ISO 27001, & privacy legislation (REQ)
  • Min. of 5 years of direct exp. as Data Privacy Governance, Risk and Compliance (GRC) Analyst (REQ)
– provided by Dice
