Who We Are Looking For
This opportunity is ideal for a determined and proactive individual who is willing to develop their skills in a variety of GRC, Security and Compliance related disciplines. This role requires a highly organized and analytical thinker who is willing to pay significant attention to detail in their work. We’re also looking for someone who seeks progression and embraces the prospect of being part of a growing organization, where they can personally make a difference. Previous experience of leading GRC activities is beneficial, especially if related to ISO. We want to give you a career, not a job.
Why This Role is Important to PSI
In this role, you shall be hands-on with data security, privacy and compliance-related work that includes ISO and other industry standard frameworks. You shall work collaboratively with various stakeholders to ensure success with all GRC-related programs. The use of risk-based methodologies and decision-making to arrive at creative and pragmatic solutions, without relying on checklists, is a key part of the role. You will be a key part of the team, working collaboratively as well as independently.
The Senior Analyst, Security and Compliance role is primarily responsible for:
Supporting the implementation and business use of PSI’s GRC operating model and service-oriented customer engagement model.
Supporting the development, documentation and maintenance of policies, procedures, and standards across the organization ranging from Information Security & Data Protection to Quality Management and Environmental.
Supporting the maintenance of standards and other regulatory compliance.
Be a Security and Compliance Champion in promoting and developing awareness of different security and compliance risks and best practices across the company.
Identify and manage gaps related to security and compliance, and carry out other tasks to help ensure PSI’s underlying data and information security processes, infrastructure and measures are fit for purpose and scaled to deliver an appropriate level of protection.
Ensuring compliance with the established key metrics that measure data security standards and the ISO standards/certification, and providing evidence of compliance for internal and external audits.
Supporting, and in some cases leading on, various GRC capability areas such as enterprise security risk management, compliance management, policy management, SOC 2 certifications, PCI standards and certification, ISO certifications (27001, 14000, 9000 and 20000).
Supporting the team in the operationalization of security compliance programs to support various compliance regulations and ensure it’s part of all business processes.
Performing risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
Working with various operational and business teams to identify and drive remedial action activity items, such as risks, remediation plans and continual improvements, to closure.
When required, be the Information Security & Compliance SME on Client engagements, providing guidance to stakeholders and ensuring information security and compliance activities are always part of the engagement.
Provide and support the accurate reporting of remedial activities by ensuring accurate updating and tracking of associated activities.
Supporting Supplier Management Program activities related to Supplier’s Information Security, Risk and Compliance status.
Respond to customer security/compliance questionnaires.
Act as a security and compliance SME to internal customers.
IT security or information security experience with a proven ability to engage with Stakeholders at all levels and regulators (essential).
Audit and compliance experience in leading, managing or supporting third party security related audits and assessments (essential)
Demonstrable experience in leading projects/engagements, showing independence and effective team working (essential).
Experience working within, achieving and/or maintaining SOC 2 certification, PSI standards and certifications, ISO standards such as ISO 27001, 9001, 14001 and 20000 (desirable).
Hold an active security clearance (essential)
Experience in a fast-paced GRC/ISO function (desirable).
Hold current Security, privacy and risk certifications, i.e., CISSP, CRISC, CISA, CISM, CSX-P, CDPSE, CGEIT, CIPP (desired)
Have PCI experience or current certifications, PCIP, certified QSA (desired)
This is a full-time, permanent role and can be remote or based at our Glendale, Olathe or Carmel office, with flexibility for home working. The hours are office-based, but flexibility is needed as team members are geographically separated.
PSI offers a competitive and comprehensive benefits package inclusive of:
Medical, Dental, Vision, Life, and Short and Long-Term Disability Insurance
Flexible Spending Accounts
401k plan with company match
Generous PTO and Holiday Pay
Internal Number: SENIO01413
About PSI Services LLC
At PSI, our mission is to help people meet their potential. That is our core purpose, enabling our vision to empower people in their careers and drive organizational success. We achieve this by being the one workforce solutions provider that fuses science, technology, and expertise to deliver best-in-class testing, assessment and development products and services.
PSI’s culture is as strong as the people who embody our core values. These include our drive to work together as one team, to be dependable in our pursuit of rigor and excellence, to value people and respect everyone’s talents, to embrace diversity in perspectives and culture, and to think creatively with the willingness to experiment.
Learn more about what we do at: http://www.psionline.com