General Job Requirements:
Participates in a global security risk assessment program.
Prepare and provide regular GRC Reports and Metrics (Weekly, Monthly, Quarterly, Yearly,
Ad Hoc, etc.) to the Head Cybersecurity Specialist and CISO.
Conduct Cybersecurity Risk Management, including Risk Assessments of the client's
information assets and services, and work with the Risk Owners to mitigate the Risks
through appropriate Cybersecurity Controls.
Develop, maintain and regularly update a Cybersecurity Risk Register and contribute
towards Cybersecurity improvements.
Perform Compliance Management for the client's Policies, Procedures, applicable
Regulations as well as Standards and Audit recommendations.
Policies, Regulatory and Compliance
Works with Internal Audit, Stakeholders, General Counsel and outside consultants as
appropriate on required security assessments and audits.
Assists in executing the strategy for dealing with the increasing number of audits, compliance
checks and external assessment processes for internal/external auditors, PCI DSS, ISO,
HIPAA, HITRUST, and NIST 800-171.
Routinely completes privacy gap analysis of current laws and regulations and ensures
organization's compliance therewith.
Coordinates and tracks all information technology and security related audits including
scope of audits, timelines, auditing agencies and outcomes.
Interact with Third-Party Suppliers / Vendors / Contractors / Consultants and ensure
GRC projects are completed on time and within budget and desired quality.
Provides guidance, evaluation and advocacy on audit responses.
PREFERRED SKILLS/EXPERIENCE:
Bachelor's degree in Information Systems, Cybersecurity, or a related field preferred.
Certifications that are strongly preferred (not required): CISA, CISSP, CISM and/or other
security certifications.
Experience in security governance, security compliance or risk management preferred.
Experience in designing and implementing security standards and best practices.
Experience in PCI DSS, ISO 27001, SOC2 audits is preferred.
Experience developing and/or analyzing security policy.
Hands-on experience in establishing and maturing an organization's Security Program.
PROFESSIONAL SKILLS:
Great problem-solving skills.
Excellent collaboration skills; must be eager to work as part of a cohesive team and work
as a partner to other teams within Aristocrat, Inc., locally and globally.
Exceptional communication skills, including the ability to gather relevant data and
information, connect through listening, dialogue freely, and verbalize ideas effectively.
Proven presentation and facilitation skills.
Date Posted: 12/07/2024
Job ID: 84258309