More jobs:
Job Description & How to Apply Below
## Cybersecurity GRC - Compliance Analyst
US - Remote, CO
* Perform SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701 and ISO 42001 gap analysis and recommend process, procedural, documentation and tooling recommendations to remediate.
* Improve Compliance and certification scope efficiency via review and enhancements of the Trimble Common Control Framework
* Perform ISO 27001 & ISO
27701 Internal Audits.
* Perform SOC 1 & 2, NIST 800-171 Internal & External Audits
* Contribute to annual policy revisions and maintenance of the IMS.
* Constantly coordinate with key business stakeholders and the external auditor
* Present metrics derived from the Integrated Management System, audit results, trends in risk, and corrective action plans to senior leadership.
* Contribute to the creation of processes and procedures that increase efficiency of the overall compliance program across all standards and frameworks.
* Collaborate with Cybersecurity team members, Trimble businesses across various geographies.
* Contribute to risk management processes to ensure business risk posture is properly calculated and proactively managed.
* Produce and analyze information that will accurately demonstrate the risk posture of each business and drive actions to reduce and manage technical risks.
* Be able to understand and communicate technical risks to a broad set of stakeholders. Must be able to adjust delivery to the audience.
* Cybersecurity, IT and GRC teams
* Trimble leadership
* Divisional & Sector Cybersecurity representatives
* Software development staff
* Other global functions (Human Resources, Legal as required
* No communication with Trimble customers required
* Working knowledge of SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701 & ISO 42001
* Designing audit controls spanning SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701 & ISO 42001
* Ability to write policy and interpret complex business changes, as they arise
* Comprehensive understanding of risk management standards and guidelines.
* General IT knowledge (networking, cloud computing, software development)
* General knowledge in Data Privacy (GDPR, CCPA and other regulations)
* A passion for user-centric information that is clear and actionable, attention to detail focused on delivering accurate and creative metrics.
* Ability to make effective, timely decisions with clear reasoning
* Ability to quickly establish a broad understanding of an issue with limited available information and outline the steps required to bring it to a successful conclusion
* Excellent organizational and presentation skills
* Effective communication skills (verbal and written) and time management skills
* Flexible approach to working in a changing environment and can work well under pressure with dynamically changing priorities
* Ability to work as part of a collaborative global team, prepared to remain resilient to complete tasks to conclusion.
* Preferable a relevant degree in Data Science, Computer Science or Engineering (Software or Electrical)
* Current general security certifications (e.g., SEC+, GSEC) encouraged but not required
* ISO 27001 Certified Internal / Lead Auditor and or equivalent experience.
* 2 years experience working with SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701
* Proficiency in English (written and oral)
* 2 years experience in a risk management role, information security role or systems engineer/administrator role in a large, international software company
* Hands-on experience with business and GRC tools such as:
Jira Service Desk
* Demonstrated experience in collecting information from disparate data sources and formulating into reports that can be presented to various audiences
* Intermediate level experience with Windows and Linux/Unix operating systems
* Intermediate level cloud knowledge within AWS, Azure and GCP
* Intermediate level scripting knowledge and experience of Splunk and creating queries
* Experience of using AI to reduce manual process and procedure
* Excellent analytical, problem-solving and decision making skills.
**** Compensation:
**** Trimble provides the following compensation range and general description of other compensation and benefits that it in good faith believes it…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×