Lead GRC Analyst
Genuent
- Houston, TX
- Permanent
- Full-time
Location: Houston, TX
Duration: 3-month contract
Work Requirements: US Citizens, GC Holders, or Authorized to Work in the U.S.

Qualified and interested candidates should email their resumes to Slater Davidson at sdavidson@inspyrsolutions.com.

Skillset / Experience:

INSPYR Solutions is seeking a GRC Analyst for one of its oil and gas clients in the Houston area. This person will conduct thorough risk assessments for the cloud, PaaS (Platform as a Service), SaaS (Software as a Service), and Identity solutions.

Responsibilities for this role include:
- Conduct thorough risk assessments for cloud, PaaS (Platform as a Service), SaaS (Software as a Service), and Identity solutions.
- Evaluate the proposed solutions against existing policies and regulatory frameworks (such as CRISC, ISO27001, SOC2, and CISM) to ensure compliance and security standards are met.
- Identify and analyze potential risks associated with implementing new technologies or systems.
- Develop strategies to mitigate risks and ensure alignment with organizational goals and compliance requirements.
- Prepare detailed reports summarizing identified risks, proposed solutions, and compliance status.
- Collaborate with cross-functional teams to address identified risks and implement appropriate controls.
- Present findings and recommendations to team supervisors and business stakeholders to obtain buy-in at the business level.
- Stay updated on emerging trends, best practices, and regulatory changes in governance, risk, and compliance.
- Strong knowledge of IT Security Architecture as it relates to PaaS, SaaS, and Cloud environments.
- CISSP required.
- Knowledge of NIST 800-52.
- Proven experience in governance, risk management, and compliance, preferably in a cloud computing environment.
- Strong understanding of relevant regulatory frameworks such as CRISC, ISO27001, SOC2, and CISM.
- Excellent analytical and problem-solving skills, with the ability to assess complex technical environments and identify potential risks.
- Effective communication skills, with the ability to convey technical information to non-technical stakeholders and influence decision-making.
- Relevant certifications in GRC, such as CRISC, ISO27001, SOC2, or CISM, are highly desirable.
- Ability to work independently and collaboratively in a fast-paced, dynamic environment.
- Strong attention to detail and a commitment to maintaining the highest standards of security and compliance.
- Comprehensive medical benefits
- Competitive pay, 401(k)
- Retirement plan
- …and much more!