Security Analyst II (Remote Work Available)

Posted 2 days ago | United States | Salary undisclosed

Job Description

Security Analyst II - Project and Compliance

The Security Analyst II is responsible for driving compliance, remediation, and project completion for North American Automotive Security. The Sr Security Analyst is the primary point of contact for all projects, security findings and risk assessments. The Sr Security Analyst will be responsible for coordinating and communicating a timely and appropriate response impacting the GPC customers and all relevant stakeholders.

Primary Duties:

- Facilitate oversight and remediation of security findings
- Effectively communicate with management and provide reporting on validation testing activities including identified exceptions and remediation action plans in a clear and concise manner
- Coordinate PCI compliance, including training, with Stakeholders
- Provide consultative support and collaborate with business partners to identify enhancement opportunities to strengthen processes and controls
- Execute ad-hoc and assigned projects as needed
- Develop and maintain a good working relationship with colleagues in other risk and control functions
- Knowledge of IS Risk Frameworks and Standards (NIST 800-53, ISO 27000 series, NIST Cybersecurity Framework, PCI-DSS)
- Assist with compliance assessments related to Enterprise Security Policies/Standards/Procedures
- Assist with exception management processes
- Work with stakeholders to provide security solutions that support their business requirements
- Maintain awareness of changes in security risks, security measures, and computer systems assessing new requirements for current and emerging compliance regulations
- Communicate technical and business problems clearly, quickly and in a concise manner to a variety of audiences
- Facilitate meetings and help drive security solutions working across corporate teams
- Coordinate SOX testing with stakeholders

Requirements:

- Must have BS/BA Degree
- 10+ years' experience in third-party management, audit, oversight, SOX testing, operational risk management, or similar role
- Knowledge of third-party management, internal controls, financial/banking regulations and risk assessment and mitigation
- Working knowledge of Governance processes and tools such as RSA-Archer, RSAM, etc.
- Ability to review security controls, practices, and infrastructure
- Advanced skills in evaluating risk and controls in a complex and diverse operating environment
- Project management skills with ability to work independently and with a team, prioritize and manage multiple projects and succeed in a fast-paced environment
- Strong written and verbal communication skills with a proven track record of building effective working relationships with internal and external business partners and senior leaders
- Ability to multi-task and adjust to changing priorities to meet customer expectations
- Willing to share knowledge and assist others in understanding technical and business topics
- Strong analytical, technical, and problem-solving skills
- Advanced knowledge of third-party compliance deliverables, such as Statement on Standards for Attestation Engagements No. 16 (SSAE16) audit reports, Payment Card Industry Data Security Standard (PCI DSS) Attestations of Compliance (AOC), General Data Protection Regulation (GDPR), and other regulatory information
- Willingness to work outside of regular business hours as required which can include evenings, weekends and holidays
- Preferred certification: CISSP, CISA, CISM or equivalent

Recommended skills and capabilities:

- Knowledge of PCI compliance including PCI DSS, SAQ, ASV, and annual reporting requirements
- Self-motivated, self-directed and shows attention to detail while working
- Works ethically and with integrity supporting organizational goals and values
- Knowledge of SOX Testing requirements
- Displays commitment to excellence
- Completes work in a timely manner and meets deadlines
- Contributes to building a positive team spirit and treats others with respect
- Maintains confidentiality of information and uses information appropriately
- Exhibits sound judgment when making decisions and recommendations
- Fosters collaboration toward a common vision and shared goals

Note - There may be occasions where travel is needed. This would not exceed 10%.

GPC believes the fair and equitable treatment of employees, customers, suppliers and other persons is critical to fulfilling its vision and goals. GPC conducts its business without regard to sex, race, creed, color, religion, marital status, national origin, age, pregnancy, sexual orientation, gender identity, genetic information, disability, military status, status as a veteran, or any other protected characteristic. GPC's policy is to recruit, hire, train, promote, assign, transfer and terminate employees based on their own ability, achievement, experience and conduct and other legitimate business reasons.