Position Title: Information Security Analyst
Location: Atlanta, GA (Hybrid)
Job Description: The Information Security Analyst – GRC reports to the Senior Manager of Information Security – GRC and is responsible for supporting security initiatives, enterprise programs, business objectives, and assisting with the protection of information assets globally.
The position will be responsible for assisting on IT control assessments, both internal and with third parties, to ensure effective IT controls are in place to meet operational and compliance requirements. Further duties will include assisting in the performance of Vendor Risk Management processes, Incident Response, and evaluating risks to applications, infrastructure, and technology projects. The GRC Analyst will also work directly with our business partners to track remediation efforts to completion. The ideal candidate will be able to clearly and effectively explain risks to business partners and team members in a fast-paced environment while prioritizing multiple projects.
Duties & Responsibilities
- Performs evidence collection and assists in the management of various GRC projects, including the annual PCI DSS certification program, policy review, and vendor risk management.
- Assists and leads various IT control assessments to ensure effective IT controls are in place to meet operational and compliance requirements.
- Assists Vendor Risk Management to complete risk profiles for vendors during the on-boarding process and aids in conducting an annual review of critical vendors.
- Effectively reports and communicates assessment results to IT management for corrective action, where required.
- Track and monitor risk exceptions to ensure control deviations are identified and mitigating controls are in place.
- Assist with drafting, reviewing and maintaining IT policies; facilitates annual policy review and approval.
- Contributes to the team knowledge base by participating in appropriate training and providing industry and best practice knowledge. Provides mentoring for other team members.
- Demonstrates excellent project management skills, inspires teamwork and responsibility with engagement team members, and uses current technology/tools to enhance the effectiveness of deliverables and services.
Required Skills & Qualifications:
- Bachelor’s degree in Information Technology or related. An equivalent combination of education and work experience may be taken into consideration in lieu of a degree.
- 2 – 5 years of relevant Information Technology (IT) experience, with a minimum of 2 years’ experience focusing on IT Risk, Governance and Compliance.
- Demonstrated knowledge of recognized IT audit-related standards and regulations.
- Exceptional verbal and written communication skills
- Experience with high-priority, high-activity and multi-tasked environments
Preferred Skills:
- Experience with Security frameworks, standards and regulations including NIST 800-53, NIST Cyber Security Framework, GDPR, CCPA, PCI DSS, etc.
- Demonstrated knowledge of recognized IT process and quality frameworks such as COBIT
- CISA, CISSP, CRISC, or CISM certification is desired
- PCI-DSS experience is a plus.
- Strong project management skills
Newell Brands (NASDAQ: NWL) is a leading global consumer goods company with a strong portfolio of well-known brands, including Paper Mate, Sharpie, Dymo, EXPO, Parker, Elmer's, Coleman, Marmot, Oster, Sunbeam, FoodSaver, Mr. Coffee, Graco, Baby Jogger, NUK, Calphalon, Rubbermaid, Contigo, First Alert, and Yankee Candle. For hundreds of millions of consumers, Newell Brands makes life better every day, where they live, learn, work and play. Newell Brands and its subsidiaries are Equal Opportunity Employers and comply with applicable employment laws. EOE/M/F/Vet/Disabled are encouraged to apply.
More Information
- Address Atlanta, GA, USA
- Salary Offer $100.000 ~
- Experience Level Junior
- Total Years Experience 0-5