GRC Security Policy Analyst at The Computer Merchant, LTD.
Boston, MA 02111
About the Job
JOB TITLE: GRC Security Policy Analyst
JOB LOCATION: 10 Park Plaza Boston MA
WAGE RANGE*: $65-$70
JOB NUMBER: IT24464INF
REQUIRED EXPERIENCE:
The IT policy analyst works to provide IT policies aligned with NIST security controls for the MBTA. The IT Policy Analyst will work within the Enterprise Risk Management platform to manage policies, security control gaps, and dashboard/metric tracking. The GRC Policy Analyst will also work with MBTA-specific IT policies outside of the scope of NIST such as mobile device management, and data governance.
Responsibilities JOB DESCRIPTION
The IT policy analyst works to provide IT policies aligned with NIST security controls for the MBTA. The IT Policy Analyst will work within the Enterprise Risk Management platform to manage policies, security control gaps, and dashboard/metric tracking. The GRC Policy Analyst will also work with MBTA-specific IT policies outside of the scope of NIST such as mobile device management, and data governance.
Responsibilities Equal Opportunity Employer Veterans/Disabled
* While an hourly range is posted for this position, an eventual hourly rate is determined by a comprehensive salary analysis which considers multiple factors including but not limited to: job-related knowledge, skills and qualifications, education and experience as compared to others in the organization doing substantially similar work, if applicable, and market and business considerations. Benefits offered include medical, dental and vision benefits; dependent care flexible spending account; 401(k) plan; voluntary life/short term disability/whole life/term life/accident and critical illness coverage; employee assistance program; sick leave in accordance with regulation. Benefits may be subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions.
JOB LOCATION: 10 Park Plaza Boston MA
WAGE RANGE*: $65-$70
JOB NUMBER: IT24464INF
REQUIRED EXPERIENCE:
The IT policy analyst works to provide IT policies aligned with NIST security controls for the MBTA. The IT Policy Analyst will work within the Enterprise Risk Management platform to manage policies, security control gaps, and dashboard/metric tracking. The GRC Policy Analyst will also work with MBTA-specific IT policies outside of the scope of NIST such as mobile device management, and data governance.
Responsibilities
- Oversee and manage NIST policy approvals and implementation at the MBTA
- Manage NIST policies within the ERM platform
- Coordinate with key stakeholders for non-NIST policies
- Research and evaluate policies to ensure they are up-to-date with current NIST guidance
- Stay aware of policy trends and new laws/guidelines from the Federal to state and local level
- Identify and implement GRC security controls based on the NIST framework.
- Manage and implement the cybersecurity awareness program including annual training, AUP acknowledgement tracking, and phishing training
- Collaborate with the GRC IT Risk Analyst on various projects for the GRC Department.
The IT policy analyst works to provide IT policies aligned with NIST security controls for the MBTA. The IT Policy Analyst will work within the Enterprise Risk Management platform to manage policies, security control gaps, and dashboard/metric tracking. The GRC Policy Analyst will also work with MBTA-specific IT policies outside of the scope of NIST such as mobile device management, and data governance.
Responsibilities
- Developing and implementing policies, procedures, and controls to manage risks and ensure Compliance with regulations
- Conducting risk assessments and identifying potential risks
- Monitoring compliance with regulations and industry standards
- Developing and implementing compliance training programs
- Conducting Audits to ensure compliance with regulations and industry standards
- Managing the compliance reporting process
* While an hourly range is posted for this position, an eventual hourly rate is determined by a comprehensive salary analysis which considers multiple factors including but not limited to: job-related knowledge, skills and qualifications, education and experience as compared to others in the organization doing substantially similar work, if applicable, and market and business considerations. Benefits offered include medical, dental and vision benefits; dependent care flexible spending account; 401(k) plan; voluntary life/short term disability/whole life/term life/accident and critical illness coverage; employee assistance program; sick leave in accordance with regulation. Benefits may be subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions.
Salary
65 - 70 /hour