It’s raining opportunity in Portland
The tech industry in Portland market is characterized by many small, highly nimble firms at the leading edge of innovation—and a booming job market. Come grow with us in Portland: check out our Portland IT jobs.
As a Program Governance Analyst, your role on the Governance team will include leveraging your knowledge of information security best practices as you consult with partners across all the entire company. You will play a critical role in ensuring that GRC functions are incorporated into key security services and programs.
Your responsibilities will also include:
• Advising on Insider Threat best practices including associated technical protections, identification of categories of threat actors, and process evaluation and design.
• Obtaining a deep level of technical and process knowledge across multiple security domains in a short amount of time.
• Oversight of governing documentation for security domain specific policies, standards, controls, control activities, and standard operating procedures.
• Researching, developing, and implementing best practices across multiple security domains (e.g. Cloud Security, Data Loss Prevention (DLP), Vulnerability Management (VM), etc.)
• Designing and building solutions that integrate applications and other services, align processes with business processes, and required governance and policy needs for internal, external and federated use cases.
• Consulting with GRC and other CIS and Technology stakeholders to ensure alignment between all groups.
• Taking ambiguous high-level language and translating to achievable, clear milestones and delivering the desired outcome
• Diplomatically influencing teams to implement a Governance Framework, articulating its value and tactfully helping adjust existing operations to align with the framework.
• Ability to gain a deep level of technical and process knowledge across multiple security domains in a short amount of time.
• Thinking both strategically and tactically regarding security issues in order to understand the long game while executing on tactical milestones.
• Staying current on information security technologies, trends, standards and best practices.
To make it clear, we're not looking for just anyone. We're looking for someone special, someone who had these experiences and clearly demonstrated these skills:
• Bachelor’s Degree in relevant field and minimum of 7 years relevant IT experience
• CISA, CRISC, CISSP, or CISM certifications beneficial
• Knowledge of control frameworks such as COBIT, COSO, NIST and/or ISO 27000
• Experience operating and maintaining DLP and DRM infrastructure, leading or participating in their day-to-day operations and maintenance, as well as monitoring, reporting, and auditing technical, security, and business activities.
• Experience designing and building a data protection program that meets the needs of multiple stakeholders and ensures the appropriate governance and policy needs.
• At least five years of documenting and implementing security policies, standards, and/or controls
• Strong working and technical knowledge of data protection technologies, including Digital Rights Management (DRM) and Data Loss Prevention (DLP)
• Strong ability to translate strategic vision and objectives into real world operations
• Proven ability to think logically and strategically about technical solutions that are efficient, scalable, and re-usable.
• Excellent analytical and problem solving skills and strong attention to detail.
• Proven ability to identify and develop clear and understandable performance measures from high-level business objectives.
• Strong business acumen to quickly learn new business processes and understand how application performance requirements support the business in achieving revenue and profit goals.
• Excellent collaboration skills – must be eager to work as part of a cohesive team and work as a partner to other teams within the organization globally.
• IT Audit, internal Audit and/or risk advisory experience is a plus.
• Experience working as a BSA/Lead on multiple projects and business functions is a plus.
• Comfortable working with ambiguity is a must.
• Exceptional communication skills, including the ability to gather relevant data and information, actively listen, dialogue freely, verbalize ideas effectively, negotiate tense situations successfully, and manage and resolve conflict.
• Proven presentation and facilitation skills.
• Demonstrated expertise of building a consensus across business partners and technology leaders, and influencing successful outcomes.
• Must excel working in team-oriented roles that rely on ability to collaborate with others.
• Experience working successfully in a highly matrixed work environment.
Please send your resume to Crystal at firstname.lastname@example.org
Mainz Brady Group provides technology staffing solutions to the best known companies in Software Development, Finance, Electronics/Manufacturing, Retail, R&D, Services, Biotechnology, Healthcare and Telecommunications.
We specialize in Information Technology, Technical Sales and Marketing Staffing on a Contract, Contract to Hire, and Direct Hire basis.
To see a complete listing of all current openings please visit us at www.mbg.com/
Apply for Governance Analyst
Fill out the form below to submit your information for this opportunity. Please upload your resume as a doc, pdf, rtf or txt file. Your information will be processed as soon as possible.
Return to IT Job Search