Easter Seals Jobs

Sr Cyber Risk Analyst (Governance, Risk & Compliance- GRC)

General Information

Ref #:

20240039519

Travel Amount Required:

None

Job Type:

Regular-Full Time

Location:

Noida - India - India

Company Overview

Here at UKG, our purpose is people™. Our HR, payroll, and workforce management solutions help organizations unlock happier outcomes for all. And our U Krewers, who build those solutions and support our business, are talented, collaborative, and innovative problem-solvers. We strive to create a culture of belonging and an employee experience that empowers our people – both at work and at home. Our benefits show that we care about the whole you, from adoption and surrogacy assistance to tuition reimbursement and wellness programs. Our employee resource groups provide a welcoming place to land, learn, and connect with those who share your passions and interests. What are you waiting for? Learn more at www.ukg.com/careers #WeAreUKG

Description & Qualifications

Description

This position works as part of the Governance, Risk and Compliance (GRC) organization, which is responsible to manage cyber risk across the enterprise by means of continuous monitoring and technical risk assessments.  As a member of this organization, the individual will be committed to overall data protection, risk management, issue management and its role in the company's continued success.

This position serves as an internal risk consultant and will be the subject matter expert responsible for designing, implementing, and supporting a security control framework and technical risk assessments. This position demands an organized, detail-oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously; strong communication and customer focus is required. Primary job responsibilities/ description include:

(1) To perform and support technical risk assessments on various technologies, systems, and processes of cloud environments in UKG.

(2) To perform continuous monitoring activities to confirm the control environment is operating effectively and escalate identified deviations and track those towards resolutions.

(3) To support and actively collaborate with stakeholders to ensure control activities are designed and implemented appropriately to protect the security, confidentiality, privacy, integrity, and availability of data in compliance with company’s policies and standards.

(4) To utilize industry experience and knowledge to provide expertise and support to ensure company’s security framework remains in compliance with applicable regulations and internal policies and standards.

(5) To provide expertise in support of new cloud environment activities and projects to ensure it complies with information security and privacy standards.

(6) To assist with audits of SSAE18 SOC 1, SOC 2, and ISO compliance. Contribute risk and compliance expertise and support to assist in the achievement of cloud audit/compliance programs.

(7) To facilitate the exception and exemption processes for company’s policies and standards.

(8) To support the development, implementation, and updating of relevant documentation (e.g. narratives, how-to documents, procedures, etc.).

(9) To identify relevant key performance indicators (KPIs) and perform required reporting to quantify the effectiveness of controls implemented for risk management activities.

(10) To perform additional duties and projects as assigned by management.

Qualifications

(1) Bachelor of Engineering (B.E.) or Bachelor of Technology (B.Tech.) degree in Computer Science or IT audit related discipline or equivalent experience.

(2) A minimum of 4-5 years' work experience in information security governance and risk functions (such as IT audit or IT Risk Management).

(3) Experience with information security frameworks including, SOC 2 or ISO27001/17/18 or ITGC audits.

(4) Experience in risk and issue management (identification, assessment, mitigation/ treatment, tracking, escalations).

(5) Experience in Security Monitoring of IT processes or IT Processes Testing (monitoring or testing of IT processes, such as, Problem, Incident, Change, Backup, Endpoint Protection/ Antivirus, Logical Access, Patch, Servers, Operating Systems, Databases and Networks). The candidate should've security/ risk related working experience at least to some of these processes, if not on all of these.

(6) Experience in working closely together with business/ stakeholders for risks and issues identification and resolution.

(7) Experience in Reporting or Metrics or KPI to measure effectiveness of controls.

(8) Familiarity or Experience with Governance, Risk and Compliance (GRC) tools, reporting and tracking.

(9) Strong verbal and written communication skills.

(10) Knowledge or Experience working in Cloud environment from security/ risk standpoint (preferred).

(11) CISSP, CRISC, CISA or similar security certification preferred.

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws.

View The EEO Know Your Rights poster (https://www.eeoc.gov/sites/default/files/2022-10/EEOC_KnowYourRights_screen_reader_10_20.pdf) and its supplement .

View the Pay Transparency Nondiscrimination Provision (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf)

UKG participates in E-Verify. View the E-Verify posters here (https://www.e-verify.gov/sites/default/files/everify/posters/EVerifyParticipationPoster.pdf) .

Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com.