Easter Seals Jobs

Job Information

Coast Professional, Inc. GRC Security Analyst in Geneseo, New York

Description

Benefits

  • 11 Paid Holidays

  • 401(k)

  • 401(k) matching

  • AD&D insurance

  • Advancement opportunity (Coast promotes from within)

  • Dental insurance

  • Disability insurance

  • Employee assistance program

  • Flexible schedule

  • Health insurance

  • Life insurance

  • Paid sick time

  • Paid time off

  • Paid training

  • Referral program

  • Vision insurance

Job type

Full-time.

Location

This is a Hybrid opportunity located at 4273 Volunteer Road Geneseo, NY 14454.

Pay

$65,000 - $75,000.

Schedule

Monday to Friday.

Job Summary

The GRC Security Analyst will be responsible for ensuring the organization's compliance with regulatory requirements, managing risks, and implementing governance practices to safeguard our information assets. You will work collaboratively across teams to support the development, implementation, and maintenance of the organization's security policies, standards, and controls.

Job Duties and Responsibilities

  • Develop, implement, and maintain security policies, procedures, and standards in alignment with industry best practices and regulatory requirements.

  • Provide guidance to internal stakeholders on security and compliance frameworks (e.g., ISO 27001, NIST, SOC 2, HIPAA, PCI, etc.).

  • Conduct regular reviews and updates of security governance documentation.

  • Identify, assess, and prioritize security risks within the organization.

  • Perform risk assessments and recommend mitigations to address identified vulnerabilities.

  • Collaborate with business units to ensure risk mitigation measures are effectively implemented.

  • Monitor, track and ensure compliance with applicable regulatory requirements and industry standards. Work with Management to report gaps or deficiencies.

  • Support internal and external audits, including collecting and organizing evidence.

  • Responsible for cyber security, virus, malware detection and training through various software and hardware platforms.

  • Develop and deliver security awareness training programs for employees and contractors.

  • Track metrics related to governance, risk, and compliance activities.

  • Prepare detailed reports for management and other stakeholders regarding security posture and compliance status.

  • Collaborate with the incident response team to ensure compliance with incident-handling policies and regulatory reporting requirements.

  • Documents and monitors security controls, reports and processes.

  • Assist in post-incident reviews to identify improvements in risk management and governance processes.

  • Collaborates in planning for infrastructure design and review of software acquisitions/upgrades; reviews to ensure appropriate level of systems and network security compliance.

  • Ensures that breaches of information security are identified and investigated, and that procedures for detecting, reporting and investigating such incidents are developed and continually enhanced.

  • Performs other tasks as assigned by management.

Security

Information and Physical Security is the responsibility of every employee. In your position you are required to safeguard the computer systems by following proper username and password management, which includes selecting challenging passwords and committing them to memory – they should not be written down or stored where others can freely have access. This also includes securing your desk and workstation when you are not there, which means locking your session and putting sensitive paperwork away when not physically at your desk. You are not to share your username or password with anyone. The physical security of our offices is of equal importance: never shadow or let someone shadow your entry into a Coast Professional, Inc. facility – if this occurs, report it immediately. You are required to follow all Information Technology policies and procedures in regard to the management of your system accounts and equipment. If you witness any security violation, you should immediately report it to management.

Qualifications

Knowledge, Skills and Abilities

  • Knowledge of standard concepts, practices and procedures to support Active Directory

  • Knowledge of a range of network systems, protocols, and applications.

  • Knowledge of a broad range of relevant multi-user computer systems, applications, and/or equipment.

  • Proficient in tools for risk management, compliance tracking, and audit support.

  • Ability to effectively manage time and multiple projects to meet deadlines

  • Ability to communicate technical information to non-technical personnel.

  • Ability to comply with rules, regulations, laws and methods as related to debt collection

  • Work requires willingness to work a flexible schedule.

  • Excellent written and verbal communication skills to present ideas in a clear and concise manner.

  • Demonstrated strong analytical and problem solving skills

  • Establish a good working relationship with team members and internal contacts in order to maintain and continuously strive to improve the level of overall service being provided

  • Professional attitude, enthusiastic, and reliable

  • Regulatory Compliance experience with FISMA, PCI, SOC, NIST, STIG, CIS, ISO, HIPAA controls and audit practices.

Education & Experience

  • 2+ years of experience in governance, risk and compliance roles

  • 1+ year of experience in an Information Security role

  • Bachelor’s degree in Information Technology or industry IT certifications may be used in lieu of some required experience.

  • CISA, CRISC, CISSP certification preferred. Equivalent combination of education and experience.

Clearance

As a federal contractor, this position requires U.S. citizenship and security clearance granting access to classified information. The background investigation is conducted by the Office of Personnel Management (OPM) and is an evaluation of the whole person to determine suitability. The suitability review begins after a conditional offer of employment has been accepted and will include a review of, for example, your employment, education, residences, references, criminal history and credit. Some of the most important factors in an investigation are the individual’s honesty, candor, and thoroughness in the completion of their security forms. In rare instances, non-U.S. citizens with highly specialized skills and experience may also be considered for the security clearance process.

Working Conditions

Work may require frequent weekend and evening work. This position has limited travel requirements and may require overnight travel.

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this position, physical presence in the workplace is essential. The employee is regularly required to talk or hear. The employee is frequently required to use hands or fingers to handle or feel objects, tools or controls. The employee is occasionally required to stand; walk; sit; reach with hands and arms; climb or balance; and stoop, kneel, crouch, or crawl.

The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, color vision, peripheral vision, and the ability to adjust focus.

The noise level in the work environment is usually moderate.

Disclaimer

This job description reflects management’s assignment of essential job functions but is not intended to be a comprehensive list of all activities, duties and responsibilities required by the job incumbent. Nothing herein restricts management’s right to assign or reassign duties and responsibilities to this job at any time.

This document does not create an employment contract, implied or otherwise, other than an "at will" relationship.

Coast Professional, Inc. is an Equal Opportunity/Affirmative Action Employer M/F/Vet/Disability. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or national origin.

Qualifications

Education

Required

  • High School or better

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)
