GRC Analyst
3B Staffing LLC, Boston, MA, United States
Title: GRC Analyst
Location
MassDOT, 10 Park Plaza, Boston, MA 02116
Duration:
1 year W/possible extensions
Skill Set
- disaster recovery, IT,
Hours / Shift:
Monday -Friday 9:00 to 5:00 40 hour work week
Notes:
.
37.5 Hours a week. hybrid
Information Security Governance, Risk and Compliance (GRC) Analyst
The Massachusetts Department of Transportation (MassDOT) is actively hiring a Governance, Risk, and Compliance (GRC) Analyst! Join a great team of cyber security professionals and help us deliver our mission - which is to protect the confidentiality, integrity, and availability of MassDOT's digital information and systems.
GRC is a key pillar of the MassDOT Information Security program, responsible for the alignment of IT activities to business goals and the management of information security risks. Our GRC program needs your help while we expand our implementation and tracking of security safeguards across the organization.
The InfoSec GRC Analyst role will be a member of a 4-person team, reporting to the GRC Lead and will work closely with the Chief Information Security Officer (CISO) and InfoSec Lead.
The ideal candidate is a self-starter with a passion for building relationships and collaboration. The candidate should have strong written and verbal communication skills.
Sample Duties and Responsibilities:
Ability to read, comprehend, and analyze published:
laws and regulations, security policies and standards, and information sharing agreements.
leading security frameworks such as the National Institute of Standards and Technology (NIST) Cyber Security Framework.
security requirements of the Payment Card Industry Data Security Standard and the maintenance of effective controls in our retail networks.
Actively participate in risk assessments with the team and facilitate the implementation of security safeguards across IT.
Develop tracking for ongoing risk mitigation work and the maintenance of security safeguards.
Track security safeguards for several compliance programs including Payment Card Industry Data Security Standard (PCI-DSS), Social Security Administration (SSA), Federal Motor Carriers Safety Administration (FMCSA), Criminal Justice Information Services (CJIS), and agency requirements for issuance of Real ID in Massachusetts.
About You
Required
Two plus (2+) years of training or practical experience in IT Operations
Two plus (2+) years of training or practical experience in Information Security Risk Management
Strong work ethic, great time management, and highly inclusive team player
Effective verbal and written communicator, with excellent writing skills
Authorization to work indefinitely in the U.S.
Preferred:
Bachelor's degree or equivalent in Cyber/Information Security
Industry certifications such as CISSP
Previous experience on a GRC team in a large organization
Why Join MassDOT
Make a difference. We don't just go to work. We're a team of employees and contractors committed to securing MassDOT's information systems to ensure reliable, safe, secure transportation systems and constituent services for the Commonwealth of Massachusetts.
MassDOT has a diverse workforce and a flexible work environment. Currently, the Information Security Team is working in a flexible hybrid remote/in-office arrangement that is subject to change by leadership. Our in-office location is 10 Park Plaza, suite 8450, Boston, MA 02116.
Let's Work Together
MassDOT is headquartered in Boston at 10 Park Plaza and is convenient to public transportation.
MassDOT is an equal opportunity employer.
Location
MassDOT, 10 Park Plaza, Boston, MA 02116
Duration:
1 year W/possible extensions
Skill Set
- disaster recovery, IT,
Hours / Shift:
Monday -Friday 9:00 to 5:00 40 hour work week
Notes:
.
37.5 Hours a week. hybrid
Information Security Governance, Risk and Compliance (GRC) Analyst
The Massachusetts Department of Transportation (MassDOT) is actively hiring a Governance, Risk, and Compliance (GRC) Analyst! Join a great team of cyber security professionals and help us deliver our mission - which is to protect the confidentiality, integrity, and availability of MassDOT's digital information and systems.
GRC is a key pillar of the MassDOT Information Security program, responsible for the alignment of IT activities to business goals and the management of information security risks. Our GRC program needs your help while we expand our implementation and tracking of security safeguards across the organization.
The InfoSec GRC Analyst role will be a member of a 4-person team, reporting to the GRC Lead and will work closely with the Chief Information Security Officer (CISO) and InfoSec Lead.
The ideal candidate is a self-starter with a passion for building relationships and collaboration. The candidate should have strong written and verbal communication skills.
Sample Duties and Responsibilities:
Ability to read, comprehend, and analyze published:
laws and regulations, security policies and standards, and information sharing agreements.
leading security frameworks such as the National Institute of Standards and Technology (NIST) Cyber Security Framework.
security requirements of the Payment Card Industry Data Security Standard and the maintenance of effective controls in our retail networks.
Actively participate in risk assessments with the team and facilitate the implementation of security safeguards across IT.
Develop tracking for ongoing risk mitigation work and the maintenance of security safeguards.
Track security safeguards for several compliance programs including Payment Card Industry Data Security Standard (PCI-DSS), Social Security Administration (SSA), Federal Motor Carriers Safety Administration (FMCSA), Criminal Justice Information Services (CJIS), and agency requirements for issuance of Real ID in Massachusetts.
About You
Required
Two plus (2+) years of training or practical experience in IT Operations
Two plus (2+) years of training or practical experience in Information Security Risk Management
Strong work ethic, great time management, and highly inclusive team player
Effective verbal and written communicator, with excellent writing skills
Authorization to work indefinitely in the U.S.
Preferred:
Bachelor's degree or equivalent in Cyber/Information Security
Industry certifications such as CISSP
Previous experience on a GRC team in a large organization
Why Join MassDOT
Make a difference. We don't just go to work. We're a team of employees and contractors committed to securing MassDOT's information systems to ensure reliable, safe, secure transportation systems and constituent services for the Commonwealth of Massachusetts.
MassDOT has a diverse workforce and a flexible work environment. Currently, the Information Security Team is working in a flexible hybrid remote/in-office arrangement that is subject to change by leadership. Our in-office location is 10 Park Plaza, suite 8450, Boston, MA 02116.
Let's Work Together
MassDOT is headquartered in Boston at 10 Park Plaza and is convenient to public transportation.
MassDOT is an equal opportunity employer.