The Senior Analyst, Security Governance Risk & Compliance will be responsible for supporting and enhancing the Security GF program by identifying, assessing and managing risks while ensuring adherence to internal policies, industry standards ar regulatory requirements. This role collaborates with business and technology teams to strengthen risk management practices maintain security and compliance frameworks, and drive continuous improvement in overall security posture.
Responsibilities
Supports the development and on-going management of the Security Governance, Risk & Compliance program
Develops and maintains security standards, process documentations and control objectives
Develops and maintains security control mappings to relevant frameworks
Matures and enhance the information security awareness and training program
Performs and manages the Information Security, Information Technology and Third-Party risk assessments
Develops and maintains risk and controls register and monitor risk treatment strategies and control effectiveness
Monitor and escalate unresolved security issues, exposures, misuse, policy violations and other non-compliance situ
tions to Security Leadership
Provide continuous tracking and monitoring of Security Program metrics
Work closely with First Line of Defense teams, to identify potential security weaknesses, define potential impact ar develop effective mitigation strategies
Collaborating with Internal Audit and Compliance teams for security and technology audit-related activities
Monitor industry regulatory environment for impact on security programs and changes to security compliance standard
Performs other duties as may be assigned.