The Information Security GRC Analyst performs Application Sensitivity Assessments (ASA), leads the Application Risk Heatmap process, assists with the creation and generation of Documentation, Reporting, and Analytics, and assists with the creation and delivery of Information Security Awareness Campaigns and other training programs. The position is hands-on and requires strong project management skills and tactical execution. The position requires a solid knowledge of the regulations (e.g., FFIEC, FDIC, SEC, DFS500) and best security practices (e.g., NIST, ISO) applicable to the financial industry. It is essential that the candidate be able to demonstrate practical and in-depth knowledge of security GRC practices and processes including the use of GRC tools such as Archer, reporting tools such as Tableau.
The ideal candidate is proactive and has a successful track record with execution of programs. The Information Security GRC Analyst is a member of the Security GRC Team and reports to the Director of Security GRC. This position is transversal and requires strong collaboration across the organization (regionally in the Americas and globally with our HQ in Paris).