Security Analyst I

Description
In this role you will support the Security Governance, Risk, and Compliance team in maintaining and communicating information security policies, standards, and procedures, assisting in maintaining security training awareness campaigns and communications, working with partners to improve behaviors, processes, procedures, and technical documentation.

**Responsibilities**:

- Manage and maintain IT/Cybersecurity policies, standards, procedures, and other types of documentation. (Policy Management Lifecycle)
- Assist in administration of third-party risk management (TPRM) review workload including responding to TPRM requests, coordinating/communicating with internal and external SMEs, and follow up on tasks/findings accordingly. (Third-Party Security Risk Management)
- Assist with maintenance of client's cybersecurity training and awareness platform/strategy. This includes creation of content, training documentation, templates, tracking of training non-compliance. (Security Training, Awareness, and Communications)
- Act as Level 1 support monitoring the GRC ServiceNow queue and Team inboxes, answer questions, concerns and escalate accordingly. (Monitoring and Advisory)
- Assist in coordinating remediation work with organizational SMEs. (Vulnerability Management)
- Assist in maintaining KPI’s and KRI’s. Includes development of dashboards and data visualizations. (Security Metrics)
- Research emerging technologies, IT/Cybersecurity best-practices, frameworks, and regulations and periodically report out to IT Leadership.

**Requirements**:

- Have an understanding of basic IT concepts and/or engage in continuous learning of the security program and IT concepts.
- Stay abreast of relevant industry trends, certifications, frameworks
- Asks clarifying questions when presented with unfamiliar data or requests.
- Strong sense of ownership and the ability to work with a sense of urgency.
- Able to handle high workload, prioritize, and take responsibility for deliverables as assigned.
- Commitment to drive professional development within Information Security disciplines
- Ability to occasionally work independently, and as part of a product team

3 years