- Implement Information Security Management System based on the ISO framework.
- Conduct internal security risk assessments to identify gaps in internal applications, cloud applications and COTS products.
- Perform data field mapping and document how data flows within an application or business process.
- Support risk management strategies, risk mitigation, risk reduction, risk transfer and exception processes.
- Evaluate the effectiveness of controls by defining, collecting, and communicating Information Security metrics.
- Support the Risk Acceptance strategies.
- Maintain and Support Risk Register process within the company.
- Understand information security policies, standards, procedures, guidelines, and training.
- Work with technical team members to implement controls as outlined in your Information Security Assessment findings.
- Creating and maintaining information security policies.
- Risk Management experience in a large organization.
- Training in Risk Management, ISO 27000, NIST 800 series publications.
- Awareness of security services, such as Internet Content Filtering, Remote Access, Firewalls, IDS/IPS, Virus Protection, AAA (including 2Factor), Digital Certificates and PKI.
- Analytical, Critical thinking, Detailed oriented.
- Good written and verbal communication skills.
- Clear communicator.
- Fluency in English is a must.
- Diploma, associate degree in a relevant field.
- Three or more years of experience in Risk Management.
- Proven Knowledge of Cyber Security related technologies.
- CRISC, CISA Certifications a plus.
IT Security GRC Analyst - Asturias, España - Axalta
Descripción
Description
:GLOBAL IT SECURITY GRC ANALYST
The Global IT Security GRC Analyst will work closely with global IT and business process owners to ensure that cyber security controls are implemented to acceptable risk levels. The IT Security GRC Analyst will assist in developing and maintain information security policies and controls. The successful candidate will work with Information Security SME's to document and verify security controls and capabilities. The GRC analyst will play a key role in developing Information Security policy and the implementation of IT risk management framework throughout the company. This role reports to the Senior Compliance Analyst and will be located in Asturias, Spain.
ESSENTIAL JOB FUNCTIONS:
DESIRABLE
SKILLS
POSTION REQUIREMENTS:
Our Company:
Axalta has remained at the forefront of the coatings industry by continually investing in innovative solutions. We engineer technologies that protect customers' products – whether they are battling heat, light, corrosion, abrasion, moisture, or chemicals – and add dimension and beauty with colorful finishes. We have a vast and ever-evolving portfolio of brands primed to play an important part in everything from modernizing infrastructure around the world to enabling the next generation of electric and autonomous vehicles.
Axalta operates its business in two segments: Performance Coatings and Mobility Coatings, which serve four end markets, including Refinish, Industrial, Light Vehicle and Commercial Vehicle, across North America, EMEA, Latin America and Asia-Pacific. Our diverse global footprint allows us to deliver solutions in over 140+ countries and coat 30 million vehicles per year. We've recently set an exciting 2040 carbon neutrality goal, in addition to 10 other sustainability initiatives, and we take pride in working with our customers to optimize their businesses and achieve their goals.