Grc Security Analyst Jobs

Edged has an exciting opportunity for a GRC Security Analyst. In this position you will work directly with our Information Technology team and be responsible for building out our Risk Management Program, conducting risk assessments, identifying risk levels and possible solutions at Endeavour and all its business subsidiaries. We are looking for someone who can help set the standards and create the foundation to having a security-first focus environment, while strategizing ways to scale our security posture and providing cutting-edge innovative security solutions.

Edged is highly selective about the people we bring on board because our mission depends on it. Progress happens quickly and we must be able to trust one another to be transparent, communicative, strategic, reliable, and driven. We seek ultra-creatives and superstar performers with a sense of humility and a hunger to make a positive impact in the world. We offer flexibility and endless growth opportunities to those who can harness their skills and talents and identify how and where to use them to add value.

Key responsibilities include but are not limited to:

• Participate in security and privacy incident management. Coordinate and assist with applicable remediation activities. Facilitates resolution of issues in a timely and professional manner
• Stay current with the latest trends and updates with regards to governance, security, risk management, and compliance.
• Conduct Risk Assessments (Internal and Vendor)
• Manage policy and procedure development and lifecycle, including collaboration activities for compliance
• Leads presentations or briefings on all aspects of the projects being conducted
• Lead discussions to determine if security controls are implemented appropriately to obtain security certifications/framework and remain compliant. (NIST, PCI, ISO 27001, SOC2, HIPAA, GDPR, etc.)
• Coaches staff members and stakeholders relative to governance, risk, compliance, and implementation activities
• Propose and implement process changes to maintain compliance and security posture
• Serve as a subject matter expert on compliance related questions from the internal organization, coordinate with 3rd party representatives on compliance requirements, and facilitate updates to compliance documents related to security certifications
• Handle other duties and responsibilities as assigned
• Strategizing, developing, implementing and managing our Risk Management Program
• Communicate policies, procedures and requirements while engaging employees to drive behavior changes to increase policy and procedure compliance and reduce risks.
• Develop and organize policies, standards, processes, and procedures into defined document sets.
• Respond to audit inquiries regarding security controls meeting regulatory guidelines
• Identify risk levels and possible solutions to reduce them including technology, policy, and/or process change
• Provides input to project plans for current and future implementations

Skills & Requirements

Education / Experience

• Bachelor's degree in computer science, information technology or related field.
• IT Security, and regulatory experience in Data center/microgrids/mission critical facilities (HIPAA, NIST, ISO 27001, SOC2, GDPR) preferred.
• 3+ years' experience with Policies & Procedures, Risk Management and Security Certifications/Framework is required
• 3+ years’ experience in information security required
• Regulatory experience in product development & certification (UL, ULC, CE) a bonus
• Possesses professional security certifications (Sec+, CISSP, CRISC, CISA, CGEITH, CTPRP) preferred

Specific Skills / Abilities

• Work in a fast-paced environment
• Solve complex problems
• Ability to work with technical and non-technical staff
• Critical Thinker
• Self-Starter and ability to work independently
• Trustworthy and reliable
• Ability to convey security controls, compliance and privacy to staff and stakeholders
• Strategies and scale ideas and solutions
• Strong written and verbal communication skills

Great Place to Work

Enjoy…

A fast-paced, entrepreneurial culture focused on innovation

A flexible, autonomous work environment

A culture of respect, learning, and excellence

Experienced, highly talented experts as team peers

Growth and travel opportunities

Be part of a team of change-makers with a significant impact on people around the world

About Edged

Edged is creating a global network of carbon neutral, zero-water edge infrastructure for data center and microgrid projects. Edged is an infrastructure solution that combines rapid deployment with sustainable operation. Modular components, including zero-water cooling and advanced electrical systems, help to lower costs, minimize the environmental footprint, and enable a new generation of on-demand infrastructure as a service.

About Endeavour

Endeavour is the main hub—a self-sustaining incubation platform for innovation—within a larger ecosystem focused on developing sustainable infrastructure that makes significant improvements, globally, in the areas of waste, water, and energy. Today, we are deploying solutions that are immediately scalable and profitable, including EV charging, waterless data center cooling, and waste to fuel systems. As we look to the future, Endeavour intends to remain at the forefront of innovation, taking on grander challenges based on the needs of our clients and of local economies. We hope that our Sustainable Habitat for Innovation towards a Purpose (SHIP) will inspire people and businesses to #jointhejourney so that together we can ensure a regenerative/sustainable world for generations to come. Are you ready to #JoinTheJourney?

Position: GRC Security Analyst

Full-Time or Part-Time: Full-Time

Reports to: IT Manager

Location: Remote

Contact: [email protected]