Security Governance & Assurance Analyst

About the job

GENERAL DESCRIPTION OF POSITION

This Security Governance and Assurance Analyst is responsible for maintaining cybersecurity policies and standards, documenting information security processes, operating the Cybersecurity Awareness Program and maintaining performance metrics relative to the Information Security Program. This role will utilize data from various systems to provide reporting of the Information Security program effectiveness including risk analysis and trends. The SGA Analyst will create & maintain processes, procedures and runbooks in support of Information Security Program functions. This role will review & update information security policies and standards at required interval while enforcing records management and version control. The Analyst will assist in operation of the Enterprise Cybersecurity Awareness Program to mitigate risk through awareness and education of end-users.

ESSENTIAL DUTIES AND RESPONSIBILITIES

1. Develop, manage, and handle version control of Murphy USA security policies and procedures.

2. Perform security assessments and risk governance activities as assigned.

3. Document security governance and compliance assessment processes and procedures.

4. Plan and participate in information security program to ensure policy and organizational compliance are completed, including action plans for deficiencies found.

5. Document operational risk run books, policies, flow charts, etc.

6. Coordinate documentation needs across information security and cyber risk team regarding necessary data collection, publication and/or training.

7. Well organized, detail oriented, and takes initiative to drive outcomes.

8. Maintain as necessary risk registers, governance documentation, and risk taxonomy.

9. Develop and manage security awareness program.

10. Perform any other related duties as required or assigned.

QUALIFICATIONS

To perform this job successfully, an individual must be able to perform each essential duty mentioned satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.

EDUCATION AND EXPERIENCE

BS/BA degree in Information systems or

5+ years of relevant experience in Information Security field.

1 year of relevant experience in Information Security Governance, Risk, or Compliance.

More Information

Apply for this job

Leave your thoughts

Share this job