Cybersecurity Analyst - Governance, Risk, and Compliance

Riverside Research Institute - Dayton, OH

posted 16 days ago

Full-time
Dayton, OH
Professional, Scientific, and Technical Services

About the position

Riverside Research is seeking a Cybersecurity Governance, Risk and Compliance (GRC) Analyst to support the development, assessment, and execution of security controls for the company's corporate enterprise information systems. This role is crucial for minimizing risk exposure and ensuring compliance with corporate and regulatory security requirements. The position offers exposure to a variety of emerging technologies and requires U.S. Citizenship, with a hybrid work schedule based in Beavercreek, Ohio.

Responsibilities

  • Conduct security control design assessments
  • Conduct recurring operating effectiveness audits to identify potential control failures
  • Support root cause analyses for control failures and provide recommendations for improvement
  • Contribute updates to relevant System Security Plans (SSP)
  • Maintain GRC platform deficiency registers
  • Support operational control processes and user requests for support
  • Maintain systems of record for exemptions to policy
  • Contribute to security and risk impact analysis for information technology components and services
  • Develop system compliance artifacts & body of evidence (BOE)
  • Contribute to corporate policy and procedure development
  • Contribute to enterprise security awareness and training
  • Support corporate incident response processes

Requirements

  • Bachelor's degree in an information technology or cybersecurity related field
  • Five (5) years relevant experience
  • Working experience with IT or cybersecurity risk & control frameworks (CMMC, NIST CSF, NIST RMF, PCI-DSS, FedRAMP, CSA STAR, ISO 27000 series, etc.)
  • Ability to demonstrate understanding of relationships between data sensitivity and security control selection, design, implementation, and evaluation
  • Knowledge of modern enterprise-scale IT environments
  • Security control assessment and/or audit experience
  • Excellent written, verbal, and inter-personal communications skills
  • Proficient in delivering on multiple priorities simultaneously
  • Innovative self-starter with strong analytical, problem-solving, and organization skills
  • Ability to work independently with minimal direction

Nice-to-haves

  • Master's degree in an information technology or cybersecurity related field
  • Industry-recognized cybersecurity or information security certifications (CASP, Sec+, CISSP, CCSP)
  • Technical audit experience
  • Experience in regulated industries (i.e. Defense, Finance, Healthcare, Telecommunications)
  • Familiarity with FAR/DFARS requirements pertaining FCI, CDI, CUI, & CMMC
  • Familiarity with Windows and Linux Operating system management in an enterprise context
  • Understanding of enterprise authentication methods (AD, EntraID, ADFS, SAML)
  • Understanding of cloud service and deployment models and shared responsibilities
  • Working knowledge of cloud technologies (Azure, AWS, Google Cloud, etc.)

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service