Information Security GRC Analyst at project44
Our mission is to usher in a new era of trust and predictability to transportation and logistics, but there’s still a lot of work to be done. The industry is massive, as is the opportunity. We’re looking for bright, ambitious individuals to join our growing global team and help us enable a more productive and successful world. We’re changing the way the world ships, and we’re looking for you to help us get there!
Information Security Governance Risk and Compliance Analyst, you will report to our Senior Director of Information Security and be responsible for supporting p44’s security governance, risk and compliance program. Emphasis will be on executing risk assessments and maintaining security governance framework across the company. The individual will work with the various functions to evaluate and design an effective control environment. The GRC Analyst will support various GRC initiatives and Security projects.
- Develops and maintains our information security related policies, standards, and procedures
- Executes our security awareness program
- Conducts risk assessments of our third parties as part of the Vendor Risk Management Program
- Tracks and manages progress of remediation within Enterprise Risk Registers
- Responds to information discovery and security questionnaires from customers and prospects
- Helps to prepare and manage audits, certifications and internal risk and control assessments
- Assists in identifying and communicating control gaps and evaluating remediation plans
- Facilitates Information Security committee and leadership meetings and maintain meeting notes
- Derives new KPI and KRI metrics to identify leading indicators of potential areas of concern
- Supports programs to mature InfoSec & compliance posture
Skills and Experience
- Bachelor’s degree in a Business, Computer Science, Information Technology, Information Security, or related field or equivalent experience, with proven academic record
- Familiar with GRC SaaS that help to automate InfoSec programs
- Strong experience with SOC2, ISO 27001 and SOX IT General Controls
- Familiar with broad and global security standards and regulations such as PCI, NIST-CSF.
- Passionate about InfoSec and privacy
- An advocate for continuous improvement
- Able to work in a collaborative environment with a willingness to share your ideas
- Self-starter with the ability to make decisions independently
- A self-motivated individual eager to learn and ask questions
- Ability to operate within a multicultural, multi-time-zone environment
Diversity & Inclusion
We're designing the future of how the world moves and is connected through trade and global supply chains. We can only deliver a truly world-class product and experience if our teams are as diverse and unique communities we are building for. So it's up to us to create a company where anyone can bring their authentic self to work everyday. We're constantly working to improve, and we accept our responsibility to elevate the voices left in the margins. It's on every one of us.
Our focus on inclusion manifests in the way we hire, the customers we serve, and the regions we prioritize. We're building a company that every one of us at project44 is proud to work for: a company that celebrates you for being you.
We pride ourselves on celebrating everyone — project44 is an equal opportunity employer actively working on creating a diverse and inclusive work environment where underrepresented groups can thrive. If you share our values and our passion for helping the way the world moves, we’d love to review your application!
For any needed accommodations during the hiring process, please email [email protected] Even if you don’t meet 100% of the above qualifications, you should still seriously consider applying. Studies show that you can still be considered for a role if you meet just 50% of the role’s requirements.
More about project44
Since 2014, project44 has been transforming the way one of the largest, most important global industries does business. As transportation and logistics continues to evolve and customer expectations around delivery become more demanding, industry technology must rise to the occasion. In just a few short years, we’ve created a digital infrastructure that eliminates the inefficiencies caused by dated technology and manual processes. Our Advanced Visibility Platform is used by the world’s leading brands to track shipments, collaborate with supply chain partners, drive operational efficiencies, and create outstanding customer experiences.