Cyber Security Analyst

Position Description

Support the implementation and ongoing cadence of the GRC Component Assessment and Control Testing Processes to internal defense personnel and project teams.

Create and publish supporting documentation for new / updated processes.

Create and deliver audience specific training and communications for new / updated processes to IT and Business partners.

Work effectively with cross–functional and cross regional stakeholders with varying levels of business / technical skills.

Collect sufficient quantitative and qualitative data to accurately describe the current state, desired state, and root cause(s) of gaps, with guidance from others.

Analyze the future needs of customers and the enterprise, and translate these actions to enhance and mature the GRC program.

Address potential business / financial impacts, inter–related systems and risks associated with new processes and approaches.

Identify risks and issues across the multiple projects that form complex programs and large projects and support their mitigation.

Engage stakeholders to gain consensus on shared vision of project outcomes. Anticipate up and downstream impacts and predict / address obstacles.

Identify and assist in the resolution of conflicting business goals and systemic issues to enable business value realization.

Propose corrective actions to address management and governance problems within the program or project.

Skills / Experience Required

• 3–5 years experience in risk management
• 3–5 years experience working with control assessment and testing processes
• 3–5 years experience working with ISO 27001 / 2 standards, Information Security policies, risks and controls
• Excellent verbal and written communication

Experience Preferred

Education Required

J-18808-Ljbffr