Senior Security Governance, Risk and Compliance Analyst - Reyes Holdings

Position Summary:


The Sr. Security GRC Senior Analyst (Policy, Design & Remediation) is a key contributor for the communication of security policies, standards, and remediation items to RH IT and multiple business units. This role will also engage with teams across both Security and IT departments over the course of day-to-day assignments and report directly to the Senior Manager Security GRC Policy, Design, and Remediation.





Position Responsibilities may include, but not limited to:



+ Provide guidance and expertise to business units and project teams throughout the lifecycle of security initiatives


+ Collaborate with Security GRC Compliance to prioritize security vulnerabilities and control deficiencies through regular reporting and assessments


+ Drive and execute remediation strategies to address identified vulnerabilities and control deficiencies in a timely and efficient manner collaborating with the CISO organization, RH IT, and BU IT. Report on these remediation strategies by developing reporting metrics, dashboards, and evidence artifacts


+ Drive a culture of security awareness and compliance within the organization


+ Lead documentation, consultation, negotiation and resolution of tactical issues that may arise from security initiatives targeting business units


+ Partner with CISO functions to document security gaps affecting business units and facilitate their orderly remediation


+ Facilitate communications and negotiations for aligning information security priorities with strategic objectives defined by business units


+ Help balance CISO organization governance with supporting business unit need


+ Leverage risk-based reporting to improve information security adoption across the business units


+ Other projects or duties as assigned




Required Skills and Experience:



+ Bachelor’s degree in computer science, IT, Engineering, or Security discipline and 4+ years of experience as a technical specialist in Customer-facing roles OR High School Diploma and 7+ years of the above stated experience in lieu of a bachelor’s degree


+ Experience in proven experience in a security role with a focus on standards, protocols, and remediation


+ Excellent verbal and written communication skills to interface with managers, staff, and customers, at all levels within the company


+ Strong interpersonal skills are critical to success. Reyes Holdings values a culture of collaboration and synergy amongst teams


+ Strong organizational skills in aligning to goals, scheduling discussions, establishing workshops involving individuals or working groups


+ Strong understanding of security frameworks, compliance requirements, and industry standards (NIST CSF, CIS 8 preferably)


+ Experience in developing and implementing effective remediation strategies


+ Successful in fast paced and quick changing environments


+ Ability to drive buy-in across complex organization structures


+ departments


+ This job requires the ability to travel 10% on an annual basis


+ This position must pass a post-offer background and drug test



Preferred Skills and Experience:



+ Relevant certifications such as CISSP, CISM, CISA or similar are highly desirable


+ Broad Enterprise systems experience including application and platforms




Equal Opportunity Employee & Physical Demands


Reyes Holdings and its businesses are equal opportunity employers. Company policy prohibits discrimination and harassment against any applicant or employee based on race, color, religion, sex, pregnancy or pregnancy-related medical conditions, marital status, sexual orientation, gender identity or expression, age, national origin, citizenship, disability, genetic information, military or veteran status, or any other basis protected by applicable law. In addition, the Company is committed to providing reasonable accommodation to applicants and employees in accordance with applicable law. Requests for accommodation should be directed to your point of contact in the Talent Acquisition or Human Resources departments.


Background Check and Drug Screening


Offers of employment are contingent upon successful completion of a background check and drug screening.


Pay Transparency


Our compensation philosophy embraces diverse factors for fair pay decisions, valuing skills, experience, and the needs of our business. Moreover, this role may have the opportunity to participate in a discretionary incentive program, subject to program rules.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation and gender identity, national origin, disability, or protected veteran status. Drug Free Workplace.