GRC Security Analyst
Charlotte, North Carolina
Employer: Enpro Industries
Industry: Information Technology
Salary: Competitive
Job type: Full-Time
SUMMARY:
Enpro is currently seeking a Governance, Risk, & Compliance (GRC) Analyst to join our corporate Information Security Team based in Charlotte, NC. Reporting to the Director of Information Security, the GRC Analyst will be responsible for driving the execution of the GRC strategy by managing security and compliance framework control adherence, supporting regulatory compliance requirements, leading and tracking security awareness initiatives, and tracking key security metrics and KPI's. The candidate will work closely in collaboration with Enpro's Compliance, Legal, and Internal Audit Teams to ensure alignment on business priorities and to effectively manage enterprise cyber risks. This role requires a balanced understanding of cybersecurity, privacy, compliance, and information security industry frameworks.
The ideal candidate is someone who understands technology, possesses deep experience in GRC concepts, is a self-starter, and is adept at understanding information security and regulatory compliance frameworks and their relevant security controls. The GRC Analyst must be process oriented and not be driven solely by compliance.
PRIMARY RESPONSIBILITIES:
MINIMUM QUALIFICATIONS/EDUCATION/WORK EXPERIENCE:
PREFERRED QUALIFICATIONS/EDUCATION/WORK EXPERIENCE:
Enpro is a leading industrial technology company using material science to push boundaries in semiconductor, life sciences, and other technology-enabled sectors. We are a leader in sealing technologies, advanced surface technologies, and highly engineered materials. Our products and services are sold into more than 40 distinct end-markets that touch our lives every day - from food and pharmaceutical facilities to semiconductor clean rooms, from agricultural robots that help grow your food to last-mile technologies that deliver it to your doorstep, from commercial aviation to space exploration, and much more in between. Our commitment to innovation, quality, and value has propelled our brands to wide recognition and leading positions in their markets.
Enpro is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Enpro is currently seeking a Governance, Risk, & Compliance (GRC) Analyst to join our corporate Information Security Team based in Charlotte, NC. Reporting to the Director of Information Security, the GRC Analyst will be responsible for driving the execution of the GRC strategy by managing security and compliance framework control adherence, supporting regulatory compliance requirements, leading and tracking security awareness initiatives, and tracking key security metrics and KPI's. The candidate will work closely in collaboration with Enpro's Compliance, Legal, and Internal Audit Teams to ensure alignment on business priorities and to effectively manage enterprise cyber risks. This role requires a balanced understanding of cybersecurity, privacy, compliance, and information security industry frameworks.
The ideal candidate is someone who understands technology, possesses deep experience in GRC concepts, is a self-starter, and is adept at understanding information security and regulatory compliance frameworks and their relevant security controls. The GRC Analyst must be process oriented and not be driven solely by compliance.
PRIMARY RESPONSIBILITIES:
- Assess and validate the assurance of Enpro's Information Security Program through audits, assessments, and continuous monitoring of Enpro's security control framework.
- Conduct enterprise-wide, ongoing risk analysis in tandem with Security, Internal Audit, and Compliance Teams.
- Document and maintain appropriate security control mappings to relevant regulatory compliance and applicable industry frameworks and standards.
- Identify and report on information security control deficiencies and work with internal/external stakeholders to prioritize and remediate findings.
- Manage and mature Enpro's third party risk management program to effectively manage organizational risk presented through key relationships with vendors, suppliers, and customers.
- Monitor current and proposed security changes impacting regulatory, privacy, and security industry best practices and escalate concerns where applicable.
- Define qualitative and quantitative metrics to assess the success of the security program and provide regular reports to security and business leadership.
- Attend and fully engage in change and project management meetings.
MINIMUM QUALIFICATIONS/EDUCATION/WORK EXPERIENCE:
- 5+ years of related GRC/information security experience required
- Prior experience supporting GRC platforms from vendors such as AuditBoard, LogicGate, Archer, MetricStream etc.
- Self-starter, capable of driving initiatives to completion with minimal supervision
- Demonstrated ability to manage complex GRC security initiatives with a global scope and international requirements
- Deep knowledge working with frameworks such as ISO27001/27002, NIST 800-171, NIST 800-53, etc.
- Highly trustworthy; leads by example
PREFERRED QUALIFICATIONS/EDUCATION/WORK EXPERIENCE:
- Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent industry experience
- Possess industry certifications (CISSP, CRISC, CGEIT, IAPP, CISA, GRCP)
- Preferred experience with cloud environments such Amazon Web Services (AWS) and Microsoft Azure
- Familiarity with state, federal and international privacy laws
- Experiencing supporting industry and regulatory compliance frameworks such as PCI, ISO, DFARS, ITAR, NIST, and Sarbanes-Oxley
Enpro is a leading industrial technology company using material science to push boundaries in semiconductor, life sciences, and other technology-enabled sectors. We are a leader in sealing technologies, advanced surface technologies, and highly engineered materials. Our products and services are sold into more than 40 distinct end-markets that touch our lives every day - from food and pharmaceutical facilities to semiconductor clean rooms, from agricultural robots that help grow your food to last-mile technologies that deliver it to your doorstep, from commercial aviation to space exploration, and much more in between. Our commitment to innovation, quality, and value has propelled our brands to wide recognition and leading positions in their markets.
Enpro is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Created: 2024-06-09
Reference: 496007
Country: United States
State: North Carolina
City: Charlotte
ZIP: 28269
Similar jobs:
-
Security Analyst
Apex Systems in Raleigh, North Carolina -
GSOC Analyst, Global Security Operations Center
Samaritan's Purse in Boone, North Carolina -
APPLICATION SECURITY ANALYST
INSPYR Solutions in -, North Carolina💸 $45 - $55 per hour -
Information Security Analyst
Chenega MIOS SBU in Cherry Point, North Carolina -
SAP Security Analyst/HYBRID
MSC Industrial Supply Co in Davidson, North Carolina💸 $65660 - $103180 per year -
Information Security Analyst
Strategic Staffing Solutions in Charlotte, North Carolina💸 $41 per hour -
Sr. Security Program Analyst - Central / East Regions
CBRE in Charlotte, North Carolina -
SeniorInformation Security Analyst
Compunnel in Charlotte, North Carolina -
Sr Forensic Cyber Security Analyst- Remote
UnitedHealth Group in Raleigh, North Carolina💸 $88000 - $173200 per year