Lead Governance, Risk, and Compliance Analyst - Security Certifications & Security

Yesterday

Apply Now

Receive Emails with Similar Jobs

Arctic Wolf

WebsiteLinkedInAll Job Openings

Cybersecurity • Security Information Event Management • Managed Security Operations Center • Managed Security Services • Big Data Security

1001 - 5000

Description

• The Lead Governance, Risk, and Compliance Analyst works with cross-functional stakeholders to identify/manage the security & privacy risks and establish governance and compliance processes across our organization. • This role is hands-on but also keeps a broader view on creating processes and policies that align with, and enhance, the AW growth strategy. • Responsible for leading, building and managing any new security certifications Arctic Wolf may wish to obtain such as CMMC, Cyber Essentials, PCI DSS, FedRAMP & StateRAMP. • Working collaboratively across teams to shape AW’s information security program to ensure that AW protects the confidentiality, integrity, and availability of AW’s customer & internal data and that management, operational, and technical security controls are implemented across all products and solutions in accordance with compliance standards underlying the external certifications/attestations.

Requirements

• Must have demonstrable experience in both building and operating CMMC, FedRAMP/StateRamp certification programs • Additional NIST, PCI DSS, ISO, SOC2 or other similar governance and compliance frameworks is preferred • Impeccable analytical capacity and experience adding structure in a complex, ambiguous environment • Effective project management skills, as well as excellent verbal and written communication skills • Strong cross-group collaboration and team player, dealing with complex problems, resolving conflicts, and experience influencing cross-functionally, and with executive-level audiences • Ability to quickly adapt to shifting priorities, demands and timelines through both analytical and problem-solving capabilities • Ability to analyze fragmented inputs (critical thinking), synthesize key attributes and recommend/deliver effective, balanced recommendations and outcomes • Deep understanding of security, privacy, regulatory requirements that may impact the tech industry • Minimum Qualifications 5 + years of experience in managing compliance programs – must show demonstrable experience leading, building and running programs that led to security certifications for the organization • Bachelors degree or equivalent work experience • Preferred Qualifications Master’s degree in business, management information systems, or related field • Experience managing a team both directly and in a matrixed fashion • CISSP, CRISC, CISA or equivalent certification preferred • 10+ years directly related experience

Benefits

• Equity for all employees • Bonus or commission pay based on role • Flexible time off, paid volunteer days and paid parental leave • 401k match • Medical, Dental, and Vision insurance • Health Savings and Flexible Spending Agreement • Voluntary Legal Insurance • Training and career development programs