2 Cis Frameworks Jobs

As an Information Risk Analyst at ACA, you will play a crucial role in coordinating and managing the execution of the information security framework, policies, and programs. Your responsibilities will include working closely with ACA teams, department managers, staff, and vendors to develop, execute, and enforce information security standards that support ACA's robust security program. Your duties will involve guiding the development and ensuring compliance with corporate security policies, standards, and procedures. You will manage the annual review cycle and sign off of policies, propose changes to enhance operating efficiency and regulatory compliance, and oversee outsourced vendors providing information security functions for compliance with service-level agreements. Additionally, you will recommend and coordinate the implementation of managerial and technical controls to support and enforce defined security measures. You will be responsible for managing the annual Information Security management program, which includes Risk Assessments, Penetration tests, disaster recovery plans, and employee communication tests. Ad-hoc projects to support ACA on various client and internal initiatives will also fall under your purview. To qualify for this role, you must hold a Bachelor's Degree in a related field and have at least two years of professional hands-on experience in an Information Security role. Experience in Information Security Governance, Compliance, and Risk Management is essential, along with a solid background in evaluating threat/risk landscapes and establishing best practices for security operations, governance, compliance, and audit. Familiarity with industry security concepts/frameworks and regulatory standards such as ISO-27001, NIST, HIPAA, PCI DSS, and CIS frameworks is highly desirable. Demonstrating professional integrity, flexibility, adaptability, and the ability to collaborate effectively in a fast-paced environment are key attributes for success in this role. Strong communication, presentation, client service, critical thinking, organizational, and problem-solving skills are crucial. Your commitment to upholding high-quality standards and customer service focus, along with a proactive approach to education and career progression, will be highly valued at ACA. At ACA, we offer a competitive compensation package based on performance, along with a comprehensive Total Rewards package that includes medical coverage, Maternity & Fertility programs, wellness initiatives, insurance benefits, employee discount programs, and various leave options to support your overall well-being. Join us at ACA and be part of a dynamic team dedicated to reimagining GRC and helping clients protect and grow their businesses.,

About ACA: ACA Group is the leading governance, risk, and compliance (GRC) advisor in financial services. We empower our clients to reimagine GRC and protect and grow their business. Our innovative approach integrates consulting, managed services, and our ComplianceAlpha technology platform with the specialized expertise of former regulators and practitioners and our deep understanding of the global regulatory landscape. Position Summary: The individual in the role of Information Risk Analyst will be responsible for assisting in coordinating and managing the execution of the information security framework, policy and programs of ACA. This individual will work with ACA teams, various department managers, staff and vendors to assist with the development, execution and enforcement of information security standards that support ACAs robust security program. Job Duties: Guide development of (and ensure compliance with) corporate security policies, standards and procedures. Manage the annual review cycle and sign off of policies, while proposing changes to existing policies and procedures to ensure operating efficiency and regulatory compliance. Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements. Recommend and coordinate the implementation of managerial and technical controls to support and enforce defined. Manage the annual Information Security management program that includes Risk Assessments, Penetration tests, disaster recovery plan and employee communication tests. Perform ad-hoc work/special projects as necessary to support ACA on various client and internal Craft and communicate creative and practical solutions to problems and express those solutions in infrastructure as code Education, Experience and Skills Required Education and Experience: Bachelors Degree in related field Two years professional hands-on in an Information Security role Experience in Information Security Governance, Compliance, and Risk Management. Experience evaluating threat / risk landscapes and establishing best practices for security operations, governance, compliance and audit. Knowledge of industry security concepts / frameworks and regulatory standards such as ISO-27001, NIST, HIPAA, PCI DSS, and CIS frameworks. Preferred Education and Experience: Information Security Certifications (Comptia, ISC(2), ISACA) AWS Security certification is a plus but not required Required Skills and Attributes : Demonstrated professional integrity Dependable, flexible, and adaptable to new initiatives and ever-changing client needs Ability to work well in a fast-paced environment and able to collaborate with multiple colleagues/groups to deliver exceptional customer service Ability to exercise discretion and make independent judgments on matters of significance Strong written and verbal communication, presentation, client service, and critical thinking skills Ability to work independently, multi-task and prioritize effectively Ability to establish and maintain effective working relationships with colleagues and clients Highly motivated and goal oriented; pro-active in ones own education and career progression; volunteers for and shows initiative on both internal and external projects and tasks. Dedicated to upholding ACAs high-quality standards and customer service focus Strong organizational and problem-solving skills with attention to detail What working at ACA offers: We offer a competitive compensation package where youll be rewarded based on your performance and recognized for the value you bring to our business. Our Total Rewards package includes medical coverage fully funded by ACA for employees and their family as well as access to Maternity & Fertility and Wellness programs. ACA also provides Personal Accident Insurance, Group Term Life Insurance, Employee Discount programs and Employee Resource Groups. Youll be granted time off for designated ACA Paid Holidays, Privilege Leave, Casual/Sick Leave, and other leaves of absence to support your physical, financial, and emotional well-being. What we commit to: ACA is firmly committed to a policy of nondiscrimination, which applies to recruiting, hiring, placement, promotions, training, discipline, terminations, layoffs, transfers, leaves of absence, compensation and all other terms and conditions of employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected status. Show more Show less