Match score not available

Principal GRC Analyst

extra holidays - extra parental leave
Remote: 
Full Remote
Contract: 
Salary: 
10 - 10K yearly
Experience: 
Mid-level (2-5 years)
Work from: 

Offer summary

Qualifications:

Minimum 5 years of relevant experience, Bachelor's degree in related field.

Key responsabilities:

  • Implement and maintain compliance frameworks
  • Assess controls in multi-cloud environments
  • Support audits of cloud environments and information systems
  • Conduct internal and external audit engagements
  • Drive compliance for Deltek products in cloud environments
Deltek logo
Deltek Computer Software / SaaS Large https://www.deltek.com/
1001 - 5000 Employees
See more Deltek offers

Job description

Company Summary

As the recognized global standard for project-based businesses, Deltek delivers software and information solutions to help organizations achieve their purpose. Our market leadership stems from the work of our diverse employees who are united by a passion for learning, growing and making a difference. At Deltek, we take immense pride in creating a balanced, values-driven environment, where every employee feels included and empowered to do their best work. Our employees put our core values into action daily, creating a one-of-a-kind culture that has been recognized globally. Thanks to our incredible team, Deltek has been named one of America's Best Midsize Employers by Forbes, a Best Place to Work by Glassdoor, a Top Workplace by The Washington Post and a Best Place to Work in Asia by World HRD Congress. www.deltek.com

Position Responsibilities

Information security risk management and compliance are critical parts of Deltek’s business and product strategy. The Principal Governance, Risk, & Compliance (GRC) Analyst is an Individual contributor (IC) role that reports to the Manager of GRC. This role is within the team responsible for implementing and maintaining compliance framework controls and assessing controls within multi-cloud environments. This role supports comprehensive assessments of the management, operational, and technical security controls deployed within Deltek cloud environments. Determines the effectiveness of the controls - the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements.

As a Principal GRC Analyst you will be part of the team responsible for audits of cloud environments, information systems, risk management and security tools to ensure adherence to applicable frameworks, laws, and regulations. You will assist with review, interpretation and documentation of control objectives and procedures – for areas such as cloud security, cloud governance and compliance, DevOps, cloud data protection, cloud monitoring, incident response, enterprise security architecture, cyber security, and technology risk management. As part of a team of cloud security and compliance experts within GRC team you will drive compliance for all Deltek products with focus on cloud environments.

  • Provide subject matter expertise related to NIST 800-53, FedRAMP, CMMC, ISO27001, PCI DSS, SOC 1, SOC 2, SOX and other information security regulations.
  • Must have experience and knowledge of audit engagements as a principal auditor, understand requirements for completing internal and external audit engagements.
  • Lead the gathering, reviewing, assembling, maintaining, and presenting of internal and external audit evidence and related documentation. Draft and maintain compliance documents such as policies, standards, procedures. Prepare metrics and reporting.
  • Experience and exposure with software development in a cloud environment desired.
  • Effectively communicate with Deltek technical and business stakeholders through written and verbal communication during the process of evidence collection, validation, testing and presentation of results.
  • Maintain proficiency with applicable laws, regulations, and standards.
  • Identify and communicate risk management, control gaps and process inefficiencies to key stakeholders.
  • Actively participate in initiatives aimed at enhancing Cloud Security Compliance team processes and procedures.
  • Support internal risk and compliance meetings as a subject matter expert.
  • Draft and maintain, and mature GRC services as a primary or backup service owner (e.g., Policy Management, Risk Management, Customer Security Due Diligence, Business Continuity Planning, etc.)
  • Some experience in GRC customer support requests. Handling and managing customer security and compliance questionnaires such as Consensus Assessment Initiative Questionnaire (CAIQ) forms.


Qualifications

  • Minimum 5 years of combined experience implementing and/or assessing: Information technology audit, Information Technology General Controls (ITGC), Information security operations, cloud security and compliance, internal audit function, IT risk management, public accounting firm, or a related field.
  • B.S. degree (Information Security, Computer Science, MIS, or equivalent program preferred) from an accredited college/university.
  • Must have experience with assessments within technological environments.
  • Possess, or working toward, baseline security certifications such as CCAK/CCSK, CISA/CompTIA/CISSP cloud certification for Microsoft Azure/AWS/Google Cloud Platform.
  • Experience with ITAR regulations is a plus.


Core Competencies

  • Excellent self-management and work with minimal direction.
  • Excellent time management skills for handling multiple competing priorities and simultaneous projects.
  • Excellent business and technical aptitude and problem-solving skills.
  • Excellent critical thinking, analytical, communication (written and verbal) and interpersonal skills.
  • Ability to work in a team environment and to collaborate across different business units.
  • Enthusiasm to learn through a combination of structured, on-the-job, and self-directed training.


Job Categories: GRC / Security / Compliance / Technology audit / Cloud Operations

Travel Requirements

10%

Applicant Privacy Notice

Deltek is committed to the protection and promotion of your privacy. In connection with your application for employment with us at Deltek, it is necessary for us to collect, store and use information about you (“Personal Data”) to administer and evaluate your application. We are the “controller” of the Personal Data you provide us and will process any such Personal Data in accordance with applicable law and the statements contained in this Employment Candidate Privacy Notice . Additionally, we have not sold and do not sell Personal Data you provide to us through the job application process.

Required profile

Experience

Level of experience: Mid-level (2-5 years)
Industry :
Computer Software / SaaS
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Problem Solving
  • Communication
  • Time Management
  • Teamwork
  • Critical Thinking
  • Analytical Thinking

Related jobs