Portland Metro Area,
Post Date: 03/22/2018
Job ID: JN -032018-5929
Industry: Security - IT
Evo is seeking a Program Governance Analyst for our Beaverton Client. This contract opportunity is scheduled to be 1-year.
As a Program Governance Analyst, your role on the Governance team will include leveraging your knowledge of security policies, standards, controls, and industry best practices to consult with partners. You will be involved playing a critical role in ensuring that GRC functions are incorporated into key security services and program while validating risk mitigation functions are functioning correctly.
SKILLS and REQUIREMENTS:
- Document and assist others in documenting security domain specific policies, standards, controls, control activities, and standard operating procedures
- Research, develop, and implement security policies, standards, controls, and industry best practices across multiple security domains (e.g. Identity and Access Management (IAM), Data Loss Prevention (DLP), Vulnerability Management (VM), etc.)
- Experience operating and maintaining IAM, DLP, and/or VM infrastructure, leading or participating in their day-to-day operations and maintenance, as well as monitoring, reporting, and auditing technical, security, and business activities
- Experience designing and building IAM, DLP, and/or VM solutions that integrate applications and other services, align processes with business processes, and required governance and policy needs for internal, external and federated use cases
- Liaise with GRC and other CIS and Technology stakeholders to ensure alignment between all groups
- Must take ambiguous high-level language and translate it into real world operations
- Diplomatically influence teams to implement a Governance Framework showing the value it will be bring and tactfully help adjust existing operations to align with the framework
- Ability to socialize and influence others to buy into a process-oriented approach to their work
- Ability to gain a deep level of technical and process knowledge across multiple security domains in a short amount of time
- Ability to think both strategically and tactically to enable a better future state while continuing to execute against current milestones
- Stay current on information security technologies, trends, standards and best practices
- Ability to obtain a deep level of technical and process knowledge across multiple security domains in a short amount of time
Applicants must be fully authorized to work in the U.S. and physically be in the U.S.
- Bachelor's Degree in relevant field and minimum of 7 years relevant IT experience
- CISA, CRISC, CISSP, or CISM certifications beneficial
- Knowledge of control frameworks such as COBIT, COSO, NIST and/or ISO 27000
- Experience operating and maintaining DLP and DRM infrastructure, leading or participating in their day-to-day operations and maintenance, as well as monitoring, reporting, and auditing technical, security, and business activities
- Experience designing and building a data protection program that meets the needs of multiple stakeholders and ensures the appropriate governance and policy needs
- At least one year of documenting and implementing security policies, standards, and/or controls
- Strong working and technical knowledge of data protection technologies, including Digital Rights Management (DRM) and Data Loss Prevention (DLP)
- Strong ability to translate strategic vision and objectives into real world operations
- Proven ability to think logically and strategically about technical solutions that are efficient, scalable, and re-usable
- Excellent analytical and problem-solving skills and strong attention to detail
- Proven ability to identify and develop clear and understandable performance measures from high-level business objectives
- Strong business acumen to quickly learn new business processes and understand how application performance requirements support the business in achieving revenue and profit goals
- Excellent collaboration skills must be eager to work as part of a cohesive team and work as a partner to other teams
- IT Audit, internal Audit and/or risk advisory experience is a plus
- Experience working as a BSA/Lead on multiple projects and business functions is a plus
- Comfortable working with ambiguity is a must
- Exceptional communication skills, including the ability to gather relevant data and information, actively listen, dialogue freely, verbalize ideas effectively, negotiate tense situations successfully, and manage and resolve conflict
- Proven presentation and facilitation skills
- Demonstrated expertise of building a consensus across business partners and technology leaders, and influencing successful outcome
- Must excel working in team-oriented roles that rely on ability to collaborate with others
- Experience working successfully in a highly matrixed work environment
CORP-to-CORP requests will NOT be entertained.
Relocation assistance will not be available for this position.
Evo is an equal opportunity employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, disability, veteran status, sexual orientation, gender identity, or any other protected factor.