Senior Security Analyst - GRC
- Employer
- Sentry
- Location
- Stevens Point
- Salary
- Competitive
View more
- Industry
- Technology
- Role
- Law Enforcement / Security
- Job Type
- Long-Term
- Hours
- Full Time
You need to sign in or create an account to save a job.
OVERVIEW At Sentry, we have Information Security Analysts who help move our company forward by focusing on Governance, Risk and Compliance. Our IS Analysts c onduct assessments of varying complexity to review, evaluate and test security and IT controls, rate the effectiveness of safeguards and evaluate compliance to security related policies and standards.
In this role, you will be responsible for working on day to day Information Security compliance, governance, and risk management functions. You will also participate in the development of Information Security policies, standards and controls to protect enterprise data. This position can be hired as a Security Analyst Sr or Security Analyst based on the selected individual's related experience and qualifications.
WHAT YOU'LL DO ??? Design and write effective and efficient information security control processes that support and drive compliance to Sentry's Information Security Policies, Standards, and applicable regulatory requirements.
??? Leads and conducts assessments on security controls enterprise-wide to confirm compliance of internal controls or determine security gaps. This includes interviewing stakeholders, gathering data and reports, and analyzing the state of security and IT controls against best practices.
??? Assist management with developing mitigation action plans and track to confirm that the remediation plans for any identified security and audit gaps are carried out successfully to reduce Sentry's threat surface.
??? Perform analysis of new and projected regulatory requirements to discern impact to Sentry's Information Security Program and facilitate any process changes that may be needed from those new requirements.
??? Work within Sentry's governance, risk, and compliance system to develop governance and control processes that efficiently allow for testing compliance with minimal impact to Sentry's operations.
??? Partner with other information security groups to reach consensus on appropriate security mitigation strategies and best practices.
??? Partners with Information Security Management to participate in building the Information Security Awareness Program.
??? Lead and collaborate with IT, Legal, Internal Audit, External Examiners, and business areas as appropriate during assurance attestations or compliance exams.
??? Utilize Information Security or Information Technology analysis tools (i.e. Jira (work management tool), structured & unstructured data discovery tools, GRC platform, etc.) to perform governance testing and confirm compliance.
??? Interface with third-parties to coordinate risk assessments and vulnerability identification.
??? Research, understand, and interpret regulations and frameworks that relate to Cybersecurity.
??? Lead and perform risk analysis and assists with tracking risks within the Information Security Risk Register.
WHAT IT TAKES ??? Bachelor's degree or equivalent work experience within Information Security, IT, IT Audit, or Project Management.
??? 4-6 years of related work experience preferred.
??? Experience with compliance regulations and best practice security frameworks (i.e. NYDFS Cybersecurity Regulation, HIPAA, SSAE18, SOC 1, PCI, ISO 27001/2, NIST, and COBIT) is a plus.
??? Exposure to two or more security domains (e.g. Identity and Access Management, Security and Risk Management, Security Assessment and Testing, etc.).
??? Ability to work towards or has achieved at least one Information Security or Risk Management Certification - CISSP, CISM, CISA, CRISC, PCI ISA, etc.
??? Knowledgeable in a diverse set of technical IT and security skills.
??? Proven ability to assist with Enterprise level process improvements.
??? Ability to develop a high-level picture of an organization's technology and information needs.
??? Able to work independently with minimal management supervision, as well as part of a team.
??? Strong communication, analytical, problem solving, and conceptual thinking skills.
??? Ability to work with Technical and Non-Technical stakeholders.
??? Proven interpersonal, communication, technical writing, and presentation skills
WHAT YOU'LL RECEIVE We take great pride in making Forbes' list of America's Best Midsize Employers since 2017. A lot of different factors go into that honor, many of which contribute to your job satisfaction. At Sentry, your total rewards go beyond competitive compensation. Below are some benefits and perks that you'll receive.
ABOUT SENTRY All of us at Sentry-more than 4,000 associates-have various talents, skills, and backgrounds. We work together to deliver on our promises to our policyholders every day. We're proud to offer a full line of property, casualty, and life insurance products to help protect businesses, cars, homes, lives, and retirement income.
Our headquarters is in Stevens Point, Wisconsin, with claims and service offices located throughout the United States. From sales to claims, and information technology to marketing, we enjoy a rewarding and challenging work environment with opportunities for ongoing professional development and growth.
Our bright future is built on a long track record of success. We got our start in 1904 and have been helping businesses succeed and protect their futures ever since. Because of the trust placed in us, we're one of the largest and financially strongest mutual insurance companies in the United States. We're rated A+ by A.M. Best, the industry's leading rating authority.
Get ready to own your future at Sentry. Opportunities await.
EQUAL EMPLOYMENT OPPORTUNITY It is our policy that there be no discrimination in employment based on race, color, national origin, religion, sex, disability, age, marital status, or sexual orientation.
TALENT ACQUISITION SPECIALIST Thank you for your interest in Sentry!
Laura Kaczmarski
In this role, you will be responsible for working on day to day Information Security compliance, governance, and risk management functions. You will also participate in the development of Information Security policies, standards and controls to protect enterprise data. This position can be hired as a Security Analyst Sr or Security Analyst based on the selected individual's related experience and qualifications.
WHAT YOU'LL DO ??? Design and write effective and efficient information security control processes that support and drive compliance to Sentry's Information Security Policies, Standards, and applicable regulatory requirements.
??? Leads and conducts assessments on security controls enterprise-wide to confirm compliance of internal controls or determine security gaps. This includes interviewing stakeholders, gathering data and reports, and analyzing the state of security and IT controls against best practices.
??? Assist management with developing mitigation action plans and track to confirm that the remediation plans for any identified security and audit gaps are carried out successfully to reduce Sentry's threat surface.
??? Perform analysis of new and projected regulatory requirements to discern impact to Sentry's Information Security Program and facilitate any process changes that may be needed from those new requirements.
??? Work within Sentry's governance, risk, and compliance system to develop governance and control processes that efficiently allow for testing compliance with minimal impact to Sentry's operations.
??? Partner with other information security groups to reach consensus on appropriate security mitigation strategies and best practices.
??? Partners with Information Security Management to participate in building the Information Security Awareness Program.
??? Lead and collaborate with IT, Legal, Internal Audit, External Examiners, and business areas as appropriate during assurance attestations or compliance exams.
??? Utilize Information Security or Information Technology analysis tools (i.e. Jira (work management tool), structured & unstructured data discovery tools, GRC platform, etc.) to perform governance testing and confirm compliance.
??? Interface with third-parties to coordinate risk assessments and vulnerability identification.
??? Research, understand, and interpret regulations and frameworks that relate to Cybersecurity.
??? Lead and perform risk analysis and assists with tracking risks within the Information Security Risk Register.
WHAT IT TAKES ??? Bachelor's degree or equivalent work experience within Information Security, IT, IT Audit, or Project Management.
??? 4-6 years of related work experience preferred.
??? Experience with compliance regulations and best practice security frameworks (i.e. NYDFS Cybersecurity Regulation, HIPAA, SSAE18, SOC 1, PCI, ISO 27001/2, NIST, and COBIT) is a plus.
??? Exposure to two or more security domains (e.g. Identity and Access Management, Security and Risk Management, Security Assessment and Testing, etc.).
??? Ability to work towards or has achieved at least one Information Security or Risk Management Certification - CISSP, CISM, CISA, CRISC, PCI ISA, etc.
??? Knowledgeable in a diverse set of technical IT and security skills.
??? Proven ability to assist with Enterprise level process improvements.
??? Ability to develop a high-level picture of an organization's technology and information needs.
??? Able to work independently with minimal management supervision, as well as part of a team.
??? Strong communication, analytical, problem solving, and conceptual thinking skills.
??? Ability to work with Technical and Non-Technical stakeholders.
??? Proven interpersonal, communication, technical writing, and presentation skills
WHAT YOU'LL RECEIVE We take great pride in making Forbes' list of America's Best Midsize Employers since 2017. A lot of different factors go into that honor, many of which contribute to your job satisfaction. At Sentry, your total rewards go beyond competitive compensation. Below are some benefits and perks that you'll receive.
- Generous Paid-Time Off plan for you to enjoy time out of the office.
- 401(K) plan with a dollar for dollar match on your first eight percent , plus immediate vesting to help strengthen your financial future.
- Group Medical, Dental, Vision and Life insurance to encourage a healthy lifestyle.
- Pretax Dependent Care and Health Expense Reimbursement Accounts to ease taxes on health spending.
- Extensive Work-Life Resources to lend a helping hand.
- Sentry Foundation gift matching program to encourage charitable giving.
- Continue your education and career development through Sentry University (SentryU).
ABOUT SENTRY All of us at Sentry-more than 4,000 associates-have various talents, skills, and backgrounds. We work together to deliver on our promises to our policyholders every day. We're proud to offer a full line of property, casualty, and life insurance products to help protect businesses, cars, homes, lives, and retirement income.
Our headquarters is in Stevens Point, Wisconsin, with claims and service offices located throughout the United States. From sales to claims, and information technology to marketing, we enjoy a rewarding and challenging work environment with opportunities for ongoing professional development and growth.
Our bright future is built on a long track record of success. We got our start in 1904 and have been helping businesses succeed and protect their futures ever since. Because of the trust placed in us, we're one of the largest and financially strongest mutual insurance companies in the United States. We're rated A+ by A.M. Best, the industry's leading rating authority.
Get ready to own your future at Sentry. Opportunities await.
EQUAL EMPLOYMENT OPPORTUNITY It is our policy that there be no discrimination in employment based on race, color, national origin, religion, sex, disability, age, marital status, or sexual orientation.
TALENT ACQUISITION SPECIALIST Thank you for your interest in Sentry!
Laura Kaczmarski
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert