The Information Security Governance Risk and Compliance Analyst (GRC Analyst - REMOTE) will be responsible for performing risk-based analysis of information technology environments to identify compliance gaps and assist with guiding solutions to resolve identified gaps. Other duties include managing GRC tooling, reporting GRC status to IT and business stakeholders, and assessing vendors and third-party providers for conformance to Rush GRC standards. This role implements and improves the GRC program based on the laws and regulations applicable to Rush Enterprises.
Rush Enterprises, Inc. opens the door to the world of opportunity. We are a part of the largest network of commercial vehicle dealerships in North America representing truck and trailer manufacturers. Our franchises include Peterbilt, International, Hino, Isuzu, Ford, IC Bus and Blue Bird. We offer a rewarding career as a leader in the transportation industry. Grow with us as we continue to expand our network of locations and services.
Essential Job Functions
- Performs ongoing privacy and security impact assessments against Rush Enterprises information technology environments.
- Maintains Rush Enterprises security policies and periodic reviews.
- Evaluates Rush Enterprises IT systems for compliance against industry-standard control frameworks and creates plans to achieve compliance.
- Periodically audits third-party vendors and reviews contracts for compliance against Rush Enterprises requirements.
- Formalizes and documents Governance Risk and Compliance (GRC) processes.
- Monitors Rush compliance with applicable laws and regulations, such as PCI, CCPA, NY DFS, Sarbanes-Oxley, and FTC GLBA (Safeguards Rule).
- Provides periodic reporting and metrics on compliance to senior management and business stakeholders.
Benefits
We offer exceptional compensation and benefits, 401K and stock purchase, incentives for performance, training, and opportunity for advancement - all in a culture that appreciates and rewards excellence, a positive attitude and integrity.
Education and/or Experience
- Bachelor's degree preferred.
- Minimum 3 years' experience in Governance, Risk and Compliance activities required.
- Experience with implementing a successful GRC program preferred.
- CRISC, CIPT, CIPP/US, and/or CGRC certifications preferred.
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
This job posting does not state or imply that these are the only duties to be performed by this employee. The employee will be required to follow any other instructions and to perform any other duties requested by their leader. and able to work independently to meet or exceed goals
Minimum Pay Rate
USD $90,000.00/Yr.
Maximum Pay Rate
USD $120,000.00/Yr.