Security Analyst, GRC
Listed on 2026-05-22
IT/Tech
Cybersecurity, Information Security, IT Consultant, Data Security
About Hire Right
Hire Right is the premier global background screening and workforce solutions provider. We bring clarity and confidence to vetting and hiring decisions through integrated, tailored solutions, driving a higher standard of accuracy in everything we do. Combining in-house talent, personalized services, and proprietary technology, we ensure the best candidate experience possible. PBSA accredited and based in Nashville, TN, we offer expertise from our regional centers across 200 countries and territories in The Americas, Europe, Asia, and the Middle East.
Our commitment to get it right every time, everywhere, makes us the trusted partner of businesses and organizations worldwide.
This role reports to the Senior Director, Governance Risk & Compliance and will primarily conduct cyber security audits and assessments that help ensure that the organization is compliant and ready for certification of its security program. This position requires strong communication and relationship-building skills, as well as patience and attention to detail.
Responsibilities
- Prepare and conduct internal audits of the Information Security Management System (ISMS) and Privacy Information Management System (PIMS) in accordance with ISO 27001 and ISO 27701 requirements to support readiness for external audits.
- Develop and maintain an annual audit plan covering planned operational, ISMS, and PIMS internal audits.
- Track, monitor, and follow up on remediation actions resulting from internal audits, including those from both prior and current audit cycles, to ensure timely and effective closure.
- Perform periodic fraud risk assessments to identify, evaluate, and document potential fraud risks and control gaps.
- Review, update, and maintain internal information security policies on an annual basis to ensure ongoing alignment with regulatory, ISO, and organizational requirements.
- Continually review and improve the assessment methodology, process, and procedures.
- Work closely with partners in technology or other departments to identify, prioritize and remediate security compliance issues.
- Perform ad-hoc compliance requests or additional duties as assigned.
- BS, BA in Information Technology, Computer Science or other related Business/Technology/Analytical studies
- Security+, CISA, CIPP, ISO 27001 or similar certification a plus
- Prior experience with cyber security, privacy, governance, risk & compliance (GRC), internal audit or other similar function
- Knowledge of ISO 27001, ISO 27701, or SOC2 Type II preferred.
- Experience interpreting industry and regulatory requirements and authoring supporting controls.
- Experience performing third-party assurance assessments; Audit Board, One Trust or similar platform experience a plus
- Excellent client relationship and customer service skills, with a clear client focus. Note: nearly all customer-facing interactions will require English proficiency in writing and speaking.
- Strong Project Management Skills
- High degree of independence and exceptional work ethic; a team player
- Familiarity with core IT and Information Security Technologies
- Exceptional interpersonal, written and oral communication skills
Hire Right offers a competitive benefit package which includes:
- Medical
- Dental
- Vision
- Paid Life/AD&D Insurance
- Voluntary Life Insurance
- Short & Long Term Disability
- Flexible Spending Accounts
- 401K
- Generous Vacation and Sick Program
- 10 Paid Holidays
- Education Assistance Program
- Business Casual Attire
- Generous Referral Program
- Employee Discounts and Rewards
- And much more!
Hire Right, LLC is an Equal Opportunity Employer
Minorities / Females / Veterans / Disabilities
Hire Right does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Hire Right and Hire Right will not be obligated to pay a placement fee.