GRC Analyst

Other

Posted 3 days ago


Job description

Summary:
The GRC Analyst is a member of the IT Security team and works closely with other IT teams and business stakeholders in the development and automation of core functions supporting the Information Security program. The GRC Analyst will support the continued maturity of the GRC program through the development of, and compliance with, IT Security policies and procedures and Security Awareness training. He/she will also support GRC Audit deliverables and respond to client-related security inquiries.
What you'll be doing
  • Support client needs by providing thorough and timely responses to security inquiries and questionnaires; participate in onsite and virtual audits and risk remediation.
  • Support the GRC program through service delivery of operational activities and related functions, including but not limited to vendor management, security awareness, audit and compliance, and exception management.
  • Provide input and analysis in the development and deployment of IT Security service deliverables to include but not limited to policy and procedures, risk assessment and control evaluation, security awareness and training, exception management and risk remediation.
  • Provide platform administration of GRC-related solutions as required, and develop/maintain system documentation supporting usage of third-party solutions in the delivery of vendor management, security awareness training and phishing campaigns.
  • Provide input and consultation to IT and business resources in the mapping and alignment of Security Policies against prescribed control frameworks, including but not limited to ISO 27001 and the ISF Standard of Good Practice for Information Security.
  • Maintain dashboards and reporting of respective service deliverables for inclusion in monthly metrics.
  • Liaise with IT and Business Risk Owners in the management of risk treatment/acceptance plans, including creation, tracking, closure and reporting of compliance status within the GRC platform.
  • Liaise with IT and Business Risk Owners in the management of risk treatment/acceptance plans for related security risks, and work within the information security governance process to define control recommendations that are both efficient and effective.
  • Participate and contribute to information security working groups and team meetings.
  • Maintain documentation of client interactions, risk assessments and IT Security Policies and supporting procedures within the document management system.
  • Other duties as needed.
Skills we're seeking
  • 3+ years of experience with IT Security and/or relevant IT Governance, Risk and Compliance experience
  • Experience with GRC tools, such as RSAM (what we use)
  • Experience with ISO 27001
Nice to haves
  • Bachelor's Degree in a relevant field
  • CISSP or CISA certifications
  • Security Ops, Cyber Security or programming experience  
  • Technical writing experience

About 1872 Consulting

Sourced by ZipRecruiter

1872 Consulting, based in Chicago, IL, USA, operates within the IT consulting industry. Armed with a diverse team of experts, the company offers specialized IT consulting services, focusing on modernizing business technologies and driving innovative business strategies. Established in 1872, the company has a rich history marked by its commitment to bridging the gap between businesses and technology. Its mission is to empower organizations to surpass their business goals by providing state-of-the-art IT solutions and service. The company prides itself on its core values of integrity, excellence, and innovation, instilling these principles in every project they undertake.

Industry

IT services

Company size

11 - 50 Employees

Headquarters location

Chicago, IL, US

Year founded

2014



Frequently asked questions

Q: What skills or qualities help someone succeed as an Information Security Analyst?

A: To succeed as an Information Security Analyst, key technical skills include proficiency in security frameworks and regulations (e.g., NIST, HIPAA), network security protocols (e.g., firewalls, VPNs), and threat analysis tools (e.g., SIEM, IDS/IPS). Additionally, strong soft skills such as effective communication, problem-solving, and analytical thinking are crucial for collaborating with stakeholders, identifying security risks, and implementing mitigation strategies. These technical and soft skills enable Information Security Analysts to proactively protect organizations from cyber threats and support long-term career growth by staying adaptable and responsive to evolving security landscapes.

Q: What is the career path for an Information Security Analyst?

A: A typical career path for an Information Security Analyst involves progression from entry-level roles such as Security Analyst or Junior Penetration Tester, to mid-level positions like Senior Security Analyst or Information Security Consultant, and ultimately to senior roles like Chief Information Security Officer (CISO) or Director of Information Security. Key opportunities for skill development and professional growth include certifications like CompTIA Security+ or CISSP, as well as hands-on experience with security tools and technologies, and staying up-to-date with industry trends and best practices. Long-term career prospects for Information Security Analysts may include leadership roles, specialized areas like incident response or security architecture, or transitioning into related fields like cybersecurity consulting or threat intelligence.



1872 Consulting job posting for a GRC Analyst in Chicago, IL with a salary of $75,800 to $118,000 Annually with a map of Chicago location.