Risk and Compliance Analyst - Ursus, Inc.

JOB TITLE: Risk and Compliance Analyst
LOCATION: San Jose, CA - HYBRID
DURATION: 6 months
PAY RANGE: $45-$65/hr
TOP 3 SKILLS:

• Hands-on experience with Splunk Enterprise Security, Netskope CASB solution & Enterprise Immunity Solutions is preferred.
• One (or more) of the following certifications: CISSP, CISM, CISA, CRISC. Previous experience in Semiconductor (or R&D) business.

COMPANY:
Our client, a multinational electronics company is recruiting for a Risk and Compliance Analyst (Korean/English Speaking). If you meet the qualifications listed, please Apply Now!

Description:
What You'll Do
Risk and Compliance Analyst will be responsible for working with internal and external teams to ensure compliance with information security policy objectives and the implementation of the security control and compliance framework.
You will play a critical role in managing compliance-related matters with customers, vendors, and partners and advising internal business stakeholders on risk and compliance requirements.
You will be expected to have practical implementation knowledge of various security, privacy, and business continuity and compliance frameworks.

• Assist in establishing appropriate policies and procedures based on industry best practices.
• Assist in publishing and communicating appropriate security standards and standard operating procedures to the business.
• Work closely with various departments and ensure standard policies and procedures are being followed.
• Identifying control gaps and participating in new control identification and monitoring implementation.
• Participate in security incident response activities when required.
• Ensure compliance by conducting periodic audits based on applicable policies and procedures.
• Respond to and adhere to external compliance requirements.
• Establish a formal risk management program, risk registry, and risk assessment and acceptance process.
• Development of a security configuration baseline for all network endpoints and devices.
• Work with IT to develop a change management process.
• Work with vulnerability management and IT personnel to ensure remediation actions are completed.
• Create an Information Security Dashboard that presents metrics from various security controls and technologies.
• Assist in the information security awareness training program across the business.

Requirements:
What You Bring Minimum

• 4-6 years of security experience, preferring to work in a Risk/Compliance role.
• Bachelor's degree in computer science, Information Systems, cyber security or relevant field.
• Hands-on experience with Splunk Enterprise Security, Netskope CASB solution & Enterprise Immunity Solutions is preferred.
• One (or more) of the following certifications: CISSP, CISM, CISA, CRISC. Previous experience in Semiconductor (or R&D) business.
• In-depth knowledge and experience implementing various compliance and risk management frameworks. Hands-on knowledge of networking protocols and standards (e.g., TCP/IP, IPSEC, routing protocols, 802.1x).
• Documented experience and success in the following areas including Risk Management, Auditing/Compliance, Configuration Management, Employee Education and Vulnerability Management.

IND 123