Sr. GRC Analyst - Convene Inc
Tampa, FL 33647
About the Job
About Convene Inc.
Convene, Inc. is a Tampa-based, award-winning technology services organization with offices and resources throughout the US, Mexico, and India. We have successful, referenceable customers, competitive benefits, and high-growth opportunities.
About Client:
Client is a nonprofit healthcare educational institution with a national presence. Headquartered in Tampa, Florida and founded in 1994, it offers content-rich, interactive online programs as well as hands-on training at its Clearwater, Florida campus.
Requirements
Sr. Governance, Risk, and Compliance Analyst
Permanent role
Purpose of the Position:
The Sr. Governance, Risk, and Compliance (GRC) Analyst will perform IT security functions and maintain systems, while providing technical guidance to the team. This individual will be responsible for leading the day-to-day cyber compliance, data governance, and cyber risk management functions, including the responsibility for assessing and documenting the company's compliance and risk posture as they relate to its information assets.
The Sr. Governance, Risk, and Compliance (GRC) Analyst reports to the Director, CISO.
Responsibilities:
Functional:
Develop and maintain the company's governance, risk, and compliance program.
Assess and document the company's compliance and risk posture as they relate to its information assets.
Develop policies, procedures, standards, guidelines, and controls to ensure compliance with applicable laws, regulations, and industry best practices.
Work with internal stakeholders to ensure that policies, procedures, standards, guidelines, and controls are implemented effectively.
Work with external auditors to ensure that the company is compliant with applicable laws, regulations, and industry best practices.
Lead pen testing and remediation activities.
Vendor risk management.
Provide guidance on audit responses.
Assess computer hardware, software, and systems for security risks or violations.
Support Institutional Initiatives:
Keeps current with institutional goals, objectives, and progress.
Engages in institutional sponsored activities and initiatives as appropriate.
Leads with courage in support of change initiatives that impact the organization.
Assists in coordinating efforts between departments within UMA.
Compliance:
Demonstrates knowledge of, and carefully follows all applicable federal and state compliance requirements and regulations including those prescribed by the Department of Education, accrediting agencies, CIE, and internal policies and procedures.
Effectively communicates compliance requirements to students and other staff as appropriate and quickly escalates any compliance concerns to the Compliance department.
Work Experience, Skills & Abilities:
Minimum Requirements:
Bachelor's degree in computer science or related field.
7+ years of experience in Information Security.
Experience with application pen testing, tracking, and reporting.
Experience developing governance, risk, and compliance programs.
Ability to influence and assist business owners in developing processes, policies, controls, and metrics that ensure compliance with relevant laws, regulations, policies, and standards.
Strong knowledge of information security principles, best practices, and frameworks (such as ISO 27001, NIST Cybersecurity Framework, etc.).
Excellent problem-solving skills.
Experience developing and maintaining a Secure SDLC program and Secure code practices.
Experience with Security Awareness Training programs that include Phishing simulations.
Experience with vulnerability management and remediation tracking.
Able to professionally communicate in verbal and written English.
Proficient in MS Office (Word, Excel, PowerPoint) and other business tools such as Skype and Microsoft Teams.
Able to support a diverse and inclusive work environment.
Preferred Requirements:
Industry certifications preferred: CISSP, CISA, CISM.
Working Environment:
Office Environment/Call Center/Home Office.
Up to 10% of travel required.
Flexibility to work evenings and weekends as needed.
Physical Demands:
Requires long periods of sitting at a desk working on a computer.
Requires ability to travel.
Requires occasional bending, stooping and squatting.
Requires occasional lifting of up to 10 lbs.
Compensation
Anticipated starting salary of $110-120k; pay rate based on experience and qualifications.
Medical (including prescription), Dental, Vision (Client subsidized)
FSA/HSA (Depending on Medical Plan chosen)
$50,000 Life Insurance (Client paid)
Additional Voluntary Life Insurance (Team Member paid)
Employee Assistance Program – EAP (Client paid)
Long Term Disability (Client paid)
Short Term Disability (Team Member paid)
Supplemental Insurance such as Critical Illness, Accident, and Hospital (Team Member paid)
Paid Time Off – 15 days accrued in year 1, 9 holidays, and 1 day of Volunteering Time Off
401k (eligible upon completion of 90 days of employment and must be at least 21 years of age)
Pet Insurance
Identity Theft Protection
Key