Strategy, Risk, & Compliance Analyst

Strategy, Risk, & Compliance Analyst

Remote

Position Summary

The Strategy, Risk, & Compliance (SRC) Analyst will be a crucial member of our Kudelski Security Services business, assisting in delivering services to our clients under the direction of the SRC Practice Leader. The potential candidate will work both on their own and part of a team to support client engagements, including security program assessments, build out of security program capabilities (such as risk management, vendor risk, identity & access management, and data security), delivery of user and security awareness training, administration of GRC tools, and support of outsourced security capabilities (such as vendor risk management and compliance as-as-service).

Working directly with customers, and as part of the overall service delivery team, the Analyst will assess customers’ existing security programs, assist customers in the establishment of their security programs using commonly adopted frameworks such as ISO, NIST, CIS, COBIT, and Kudelski approaches, and help deliver certain aspects of the customer’s information security program such as training, compliance monitoring, and risk management.

The Analyst will also serve as an administrator and expert for a suite of GRC tools, including Allgress GRC, Prevalent TPRM, and KnowBe4. The Analyst will help in establishing repeatable processes for the use of the GRC tools, including client onboarding, configuration, development of reports and dashboards and development and maintenance of workflows. The Analyst may also support the other Advisory practices in the delivery of projects.

Responsibilities

• Administer GRC tools utilized by Kudelski Security in the delivery of security services to customers. Includes onboarding new customers and users, building workflows, designing reports and dashboards, and overall tool administration.
• Deliver strategy, risk and compliance and data security projects under the direction of the Practice Leader or delivery team lead. This includes:
  • Participate in client meetings, conduct interviews, and prepare meeting notes.
  • Perform review of data and documentation provided by customers.
  • Conduct any required research using knowledge resources, internet, and internal sources.
  • Prepare client deliverables including reports and presentations utilizing Kudelski Security templates and methodologies.
  • Load data and information into supporting GRC platforms and configure for use by clients.
  • Deliver training and documentation for client users of GRC platforms.
• Develop and deliver customized training programs to help increase the awareness of customer personnel related to security risks and threats. This may include leveraging third-party computer-based training tools such as KnowBe4.
• Identify opportunities during client delivery to deliver additional services to customers.
• Assist in the development of proposals and Statement of Works (SOW) to deliver SRC projects and marketing collateral as directed by the Practice Leader.

Your Key Qualities and Skills

• 5+ years of relevant professional work experience
• 3+ years of technical writing, instructional design and training delivery experience
• 2+ years of experience working in a Cybersecurity or GRC role
• Prior Cybersecurity consulting experience preferred
• Prior experience in administering GRC or similar platforms
• Knowledge of industry leading security frameworks such as NIST, ISO, and COBIT and regulatory requirements such as GDPR, CCPA, HIPAA, and NERC-CIP.
• Bachelor’s Degree in a relevant field or equivalent experience
• Willingness to travel up to 75% (the U.S. only) and live in a major US city with access to a major airport
• Speak and understand English fluently
• Preferred Skills / Experience Requirements
  • Administration experience with GRC tools (e.g. Archer, Allgress, OpenPages)
  • Bachelor’s Degree in a related field or equivalent experience
  • Certified Information Systems Security Professional (CISSP) or similar technical cybersecurity certifications
  • Located in Phoenix, AZ; Dallas, TX, Minneapolis, MN; Atlanta, GA

You don’t have to match all the listed qualities and skills exactly to be considered for this role. In fact, we expect you to learn some of these on the job. So please apply!

Why you’ll love it here

If you are seeking a culture that supports growth, fosters success, and moves the industry forward, then Kudelski is where you need to be! Our rich and successful history with our clients is based on innovation and trust, serving clients of varying sizes and industries, including commercial, government and education. Kudelski remains committed to advocating Diversity, Equity, and Inclusion within our organization and throughout the industry.

With Kudelski, you can expect

• Immersion in an incredible culture and the vibe of a fast moving and growing organization full of opportunity.
• Opportunity to work with innovative, talented peers.
• Creative problem-solving and the ability to tackle unique, complex projects.
• Competitive compensation with a benefits package that protects you and your loved ones and allows you to pursue career growth with tuition reimbursement.
• Generous time off for rest, relaxation, and hobbies.
• Colleagues from across the globe who are interested in helping clients protect their companies so they can focus on fulfilling their mission.

Kudelski Security is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law. EEO M / F / D / V

Compensation ranging from $85,000 to $130,000. (Final compensation is determined by factors including location, candidate experience, education and skillset, as well as local market variances.)