Senior Analyst, Governance, Risk, and Compliance
eSentire is on a mission to hunt, investigate and stop cyber threats before they become business disrupting events. We were founded from the premise that if you can't find a solution, you build it. Entrepreneurship and innovation are in our DNA. Our culture is based on transparency, candor, and resiliency. At eSentire, continuous improvement isn't an option. It's expected.
Join our team and build your cybersecurity career in one of the world's most dynamic industries.
The Sr. Analyst, Governance, Risk, and Compliance (GRC) will support the eSentire CyberSecurity Teams' activities in alignment with business strategy. This role will conduct risk assessments based on established processes and work with risk owners to develop risk remediation strategies; conduct and support internal audit activities as per the eSentire Audit Schedule; assist the business in attaining and maintaining its security control objectives to meet various legal, regulatory, industry, and customer requirements; and measure and report associated metrics to ensure that organizational objectives are monitored and achieved.
- Conduct assessments/internal audits against eSentire Security Policies and Directives as directed by Director GRC.
- Assess internal compliance readiness for external accreditation programs and standards (e.g., PCI, HIPAA, NIST CSF, HITRUST, etc.).
- Track, monitor, and report on audit/assessment remediation efforts.
- Support the development and management of InfoSec policies, standards, and awareness, and ensure broad enterprise visibility and education.
- Assess areas of potential risks and collaborate with impacted business units to decide how to avoid, reduce, or transfer these risks.
- Support and collaborate with business and technology leaders and other risk managers to resolve the most challenging risk matters.
- Follow established process to assess vendors and other security related service providers.
- Partner with business and technology leaders in ensuring new and existing business relationships adequately address information security risk through vendor management, security engineering engagements, and security assessments of processes and procedures.
- Manage specified Governance Risk and Compliance (GRC) projects from inception to completion.
Education and Experience
- Preferred bachelor's degree in related field or equivalent combination of experience and education
- Five (5) plus years of IT Security, Assessment, Compliance experience.
- CISSP, CISM, CRISC, or CISA preferred
- Experience in managing and assessing information security risks
- Functional knowledge of ISO 27001, NIST, PCI, AICPA SOC2
Required Skills and Abilities
- Ability to formulate and communicate strategies and concepts to non-technical associates
- Ability to read and interpret documents clearly and informatively
- Well-developed verbal and listening communication skills
- Strong written communication skills with the ability to write technical documentation, reports and correspondence
- Ability to define problems, collect data, establish facts, and draw valid conclusions
- Ability to exercise good judgment and make sound decisions independently; delegate/escalate issues appropriately
- Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited information is available
- Analytical thinker with desire to be continually challenged
- Well-developed interpersonal skills, including proven ability to interact with diverse personalities and in a tactful, mature, and flexible manner
- Ability to establish credibility and be decisive but also to recognize and support the organization’s preferences and priorities
- Ability to work under strict deadlines, detail oriented, and the flexibility to think of alternative solutions
- Ability to initiate immediate interaction, coordination, and collaboration with team members, clients, customers etc.
- Excellent written and oral communication skills, with the ability to brief stakeholders on complex issues in a succinct manner
Why a Career with eSentire?
Our Culture: At eSentire we work in a collaborative and innovative work environment. We work with brilliant and passionate people who strive and encourage others to do their best. eSentire’s idea-rich environment welcomes creative and sometimes unconventional perspectives!
Growth Opportunities: At eSentire you will have the opportunity to grow and make an impact from your work. We encourage innovation in all who become a part of our team. With growing operations internationally, there are many lateral and upward advancement opportunities for rewarding and developing careers with eSentire. We’re strong believers in continuing education and provide the resources that you need to continue learning.
Employee Perks: We provide breakfast, snacks and refreshments (at our physical office locations in Waterloo, London, and Cork), flexible working hours and vacation, company-wide equity and bonus programs, subsidies for continuing education and health & wellness, and attractive compensation and benefits plans. We make it our obligation to the team to stay current with compensation trends in the tech field!
We thank all applicants in advance for applying. Only individuals selected for interviews will be contacted.
eSentire is committed to creating a fair work environment that is aligned with the Accessibility for Ontarians with Disabilities Act (AODA). We guarantee equal treatment and provide opportunities regardless of race, creed, color, religion, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, status as a protected veteran or any other legally protected grounds and will not discriminate on these bases. If you have any accessibility requirements during the recruitment process, please reach out to our HR team at firstname.lastname@example.org and any accommodation needs will be addressed upon request.
- Pay Type Salary