Thank you for subscribing to your personalized job alerts.

    1 job found in sun prairie, wisconsin

    Filter2
    • Industry1
      Working in
      Show 1 jobs
      Clear filter
    • Location1
      Location & range
        Show 1 jobs
        Clear filter
      • Job types
        Job types
        Show 1 jobs
        Clear filter
      • Salary
        Salary
        $
        Show 1 jobs
        Clear filter
      Clear all
        • Madison, Wisconsin
        • Permanent
        • $70,000 - $90,000 per year
        • 8:00 AM - 5:00 PM
        We are looking for a Governance, Risk and Compliance Analyst to be the Lead role in security and privacy governance and compliance for the companyThis will also involve having a lead role with the security exception process, including leading the completion of security exceptions, tracking and following up on alternative mitigating action items included within approved security exceptions.Responsibilities:- Lead role in security and privacy governance and compliance for the company. This entails creating new or leading the maintenance of existing security and privacy policies, standards and specifications to ensure they are current and appropriately aligned with applicable laws, regulations, and the evolution of security risks. Collaboration to ensure alignment of policies, standards, and specifications across the enterprise. - Lead and maintain the incident response process for the company - lead low to moderate security/privacy incidents, driving action, providing root cause analysis, and timely resolution in accordance with regulatory, federal or state security/privacy law. Also, this role will maintain the incident response process, and participate in table-top exercises of mock security/privacy incidents.- Providing input into the risk assessment process for reviewing new software, hardware, internally developed systems, third parties, and newly acquired companies. Lead remediation of risks identified through the risk register process and contribute towards improving the overall risk management program. It also includes leading annual security assessments against established security control framework(s), completing written reports of results to be shared with IT senior leaders and senior leaders outside of IT. In addition, this role will track all action plans committed to by various leaders. - Lead role in the third party risk assessment process, which will include sending third party risk assessments to vendors, evaluating the risk level, recommending mitigating controls, documenting the assessment and following up on action plans. This will include periodically assessing compliance with security and privacy provisions. This may also include ensuring standard security and privacy provisions are included in third party contracts given the nature of the agreement (e.g., scope of work, sensitivity of data involved).- Responsible for creating and maintaining key deliverables for IT and business leadership. This includes team dashboard or performance reporting, as well as security and privacy event/incident reporting. Lead security awareness and compliance training program. - Collaborate with cross-functional work teams on business, operational or IT processes for managing internal policies, external regulations, or managing information risk.Working hours: 8:00 AM - 5:00 PMSkills:- Experience auditing or working with security control frameworks such as NIST 800-53, Framework for Improving Critical Infrastructure, CIS Critical Security Controls, ISO 27001/2, COBIT a plus- Experience auditing or working with various privacy regulations or compliance requirements such as PCI DSS, CPNI, GDPR, HIPAA, and Federal/State Privacy laws a plus.- Excellent written, presentation, and verbal communication skills.- Proven experience with writing detailed risk assessments/reports is preferred. Experience with audit committee or board reporting a plus.- Strong organization skills to effectively manage, lead and prioritize multiple projects/tasks simultaneously to quality and timely completion in a fast-paced and changing environment.- Experience with security/privacy policy development a plus- Experience with third party risk assessments a plus- Results driven with a passion to influence change and a strong attention to detail.- Effective and creative problem-solving skills.- Perform tasks outside normally scheduled business hours as needed to complete project work and/or implement scheduled changes as needed.- Human relations skills to interface with employees at all levels within the organization to manage risk in concert with the business needs that drive the company forward.- Professional attitude, courteous, and collaborative towards internal and external customers, third party business partners/suppliers, and other employees, particularly in collaborating with technical IT professionals to accomplish project objectives- Insatiable desire to learn and take initiative to stay apprised of changes in industry and competitive environment, new technologies, and new products/services.Education:BachelorsExperience:4-7 yearsQualifications:- Bachelors degree (or higher) -OR- 4+ years of professional work experience- 4+ years of IT-related work experience- 3+ years of IT security or audit related work experience To apply click on the button in the top right corner!Spherion has helped thousands of people just like you find work happiness! Our experienced staff will listen carefully to your employment needs and then work diligently to match your skills and qualifications to the right job and company. No one works harder for you than Spherion. EEO Employer: Race, Religion, Color, National Origin, Citizenship, Sex, Sexual Orientation, Gender Identity, Age, Disability, Ancestry, Veteran Status, Genetic Information, Service in the Uniformed Services or any other classification protected by law.
        We are looking for a Governance, Risk and Compliance Analyst to be the Lead role in security and privacy governance and compliance for the companyThis will also involve having a lead role with the security exception process, including leading the completion of security exceptions, tracking and following up on alternative mitigating action items included within approved security exceptions.Responsibilities:- Lead role in security and privacy governance and compliance for the company. This entails creating new or leading the maintenance of existing security and privacy policies, standards and specifications to ensure they are current and appropriately aligned with applicable laws, regulations, and the evolution of security risks. Collaboration to ensure alignment of policies, standards, and specifications across the enterprise. - Lead and maintain the incident response process for the company - lead low to moderate security/privacy incidents, driving action, providing root cause analysis, and timely resolution in accordance with regulatory, federal or state security/privacy law. Also, this role will maintain the incident response process, and participate in table-top exercises of mock security/privacy incidents.- Providing input into the risk assessment process for reviewing new software, hardware, internally developed systems, third parties, and newly acquired companies. Lead remediation of risks identified through the risk register process and contribute towards improving the overall risk management program. It also includes leading annual security assessments against established security control framework(s), completing written reports of results to be shared with IT senior leaders and senior leaders outside of IT. In addition, this role will track all action plans committed to by various leaders. - Lead role in the third party risk assessment process, which will include sending third party risk assessments to vendors, evaluating the risk level, recommending mitigating controls, documenting the assessment and following up on action plans. This will include periodically assessing compliance with security and privacy provisions. This may also include ensuring standard security and privacy provisions are included in third party contracts given the nature of the agreement (e.g., scope of work, sensitivity of data involved).- Responsible for creating and maintaining key deliverables for IT and business leadership. This includes team dashboard or performance reporting, as well as security and privacy event/incident reporting. Lead security awareness and compliance training program. - Collaborate with cross-functional work teams on business, operational or IT processes for managing internal policies, external regulations, or managing information risk.Working hours: 8:00 AM - 5:00 PMSkills:- Experience auditing or working with security control frameworks such as NIST 800-53, Framework for Improving Critical Infrastructure, CIS Critical Security Controls, ISO 27001/2, COBIT a plus- Experience auditing or working with various privacy regulations or compliance requirements such as PCI DSS, CPNI, GDPR, HIPAA, and Federal/State Privacy laws a plus.- Excellent written, presentation, and verbal communication skills.- Proven experience with writing detailed risk assessments/reports is preferred. Experience with audit committee or board reporting a plus.- Strong organization skills to effectively manage, lead and prioritize multiple projects/tasks simultaneously to quality and timely completion in a fast-paced and changing environment.- Experience with security/privacy policy development a plus- Experience with third party risk assessments a plus- Results driven with a passion to influence change and a strong attention to detail.- Effective and creative problem-solving skills.- Perform tasks outside normally scheduled business hours as needed to complete project work and/or implement scheduled changes as needed.- Human relations skills to interface with employees at all levels within the organization to manage risk in concert with the business needs that drive the company forward.- Professional attitude, courteous, and collaborative towards internal and external customers, third party business partners/suppliers, and other employees, particularly in collaborating with technical IT professionals to accomplish project objectives- Insatiable desire to learn and take initiative to stay apprised of changes in industry and competitive environment, new technologies, and new products/services.Education:BachelorsExperience:4-7 yearsQualifications:- Bachelors degree (or higher) -OR- 4+ years of professional work experience- 4+ years of IT-related work experience- 3+ years of IT security or audit related work experience To apply click on the button in the top right corner!Spherion has helped thousands of people just like you find work happiness! Our experienced staff will listen carefully to your employment needs and then work diligently to match your skills and qualifications to the right job and company. No one works harder for you than Spherion. EEO Employer: Race, Religion, Color, National Origin, Citizenship, Sex, Sexual Orientation, Gender Identity, Age, Disability, Ancestry, Veteran Status, Genetic Information, Service in the Uniformed Services or any other classification protected by law.

      Thank you for subscribing to your personalized job alerts.

      It looks like you want to switch your language. This will reset your filters on your current job search.