Risk and Compliance Analyst - Leadstack Inc

LeadStack Inc. is an award-winning, one of the nation's fastest-growing, certified minority-owned (MBE) staffing services provider of contingent workforce. As a recognized industry leader in contingent workforce solutions and Certified as a Great Place to Work, we're proud to partner with some of the most admired Fortune 500 brands in the world.

Title: Risk And Compliance Analyst
Location: San Jose CA - Hybrid
Duration: 6 months

Job Description:

Risk and Compliance Analyst will be responsible for working with internal and external teams to ensure compliance with information security policy objectives and the implementation of the security control and compliance framework. You will play a critical role in managing compliance-related matters with customers, vendors, and partners and advising internal business stakeholders on risk and compliance requirements. You will be expected to have practical implementation knowledge of various security, privacy, and business continuity and compliance frameworks.

• Assist in establishing appropriate policies and procedures based on industry best practices.
• Assist in publishing and communicating appropriate security standards and standard operating procedures to the business.
• Work closely with various departments and ensure standard policies and procedures are being followed.
• Identifying control gaps and participating in new control identification and monitoring implementation.
• Participate in security incident response activities when required.
• Ensure compliance by conducting periodic audits based on applicable policies and procedures.
• Respond to and adhere to external compliance requirements.
• Establish a formal risk management program, risk registry, and risk assessment and acceptance process.
• Development of a security configuration baseline for all network endpoints and devices.
• Work with IT to develop a change management process.
• Work with vulnerability management and IT personnel to ensure remediation actions are completed.
• Create an Information Security Dashboard that presents metrics from various security controls and technologies.
• Assist in the information security awareness training program across the business.

Requirements:

• What You Bring Minimum 4-6 years of security experience, preferring to work in a Risk/Compliance role.
• Bachelor's degree in computer science, Information Systems, cyber security or relevant field.
• Hands-on experience with Splunk Enterprise Security, Netskope CASB solution & Enterprise Immunity Solutions is preferred.
• One (or more) of the following certifications: CISSP, CISM, CISA, CRISC.
• Previous experience in Semiconductor (or R&D) business.
• In-depth knowledge and experience implementing various compliance and risk management frameworks.
• Hands-on knowledge of networking protocols and standards (e.g., TCP/IP, IPSEC, routing protocols, 802.1x).
• Documented experience and success in the following areas including Risk Management, Auditing/Compliance, Configuration Management, Employee Education and Vulnerability Management.

If interested, please share your updated resume and the best time and number to connect over the phone. In case you are not available/interested, will appreciate if you can share it with your friends/network. Your referrals are appreciated!


To know more about current opportunities at LeadStack, please visit us at https://leadstackinc.com/careers/
Should you have any questions, feel free to call me on 415 985-0816 or send an email on Nishanth.allam@leadstackinc.com