PTS Advance has a job for you.


Job Details

Cybersecurity Compliance Analyst
Houston, TX  Posted: 6/8/2021


PTS is currently seeking a Cybersecurity Compliance Analyst for a contract-to-hire assignment with a large refining client. This position can be performed remotely with little to no expected travel, so it is perfect for someone who wants the flexibility of working from home. In particular, we're looking for someone with experience performing vendor security assessments and putting together risk mitigation plans. The ideal candidate must have strong critical thinking skills, be able to juggle multiple priorities, and be able to excel in a fast-paced environment.

The Cybersecurity Compliance Analyst is a position within the Cybersecurity team responsible for performing and supporting Governance, Risk and Compliance (GRC) functions. The primary function will be to conduct and document vendor security assessments, along with refining the templates, processes and procedures, including process automation. The Analyst will interface with all levels of staff and management within the IT organization and communicate regularly with Legal and Supply Chain. The Analyst will additionally be responsible for assisting with other GRC functions.

Job Responsibilities:
    Partner with business stakeholders to facilitate vendor security assessments; act as a liaison and coordinate efforts between IT, Cybersecurity, Business functions and others
    Perform vendor security assessments on new and existing vendors
    Analyze, update, and modify vendor security assessment program procedures and continuously implement vendor risk management process improvements
    Track open issues with third parties through closure, and perform ongoing risk monitoring, due diligence and assessments
    Participate in compliance and internal controls activities across the company
    Partner with external third parties on regulatory and compliance assessments
    Perform other duties as assigned

Required Education and Experience:
    Bachelor’s degree required
    Two or more years in third-party risk management and/or cybersecurity related field
    One or more years of experience performing vendor security assessments
    Prior experience with vendor risk management methodologies and practices
    Prior project management experience
    Strong written and verbal communication skills
    Ability to interface at all levels of the organization
    Ability to constantly be in a learning and curious mode
    Proven problem-solver with the ability to perform root cause analysis
    Proven ability to work in a demanding, high-paced environment
    Self-motivated and comfortable working in the gray space

Preferred Education and Experience:
    Experience in a third-party risk management team
    Experience working in ServiceNow, GRC platforms preferred
    Working technical knowledge of industry best practices and commonly used frameworks & standards (e.g., NIST SP 800-53, NIST SP 800-171, SOC 2/SSAE18, ISO 27001-2)
    Preferred industry certification: CISA, CISSP, CISM, CRISC


Job ID#:



