logo inner

Information Security GRC Analyst

DISCOOnsite

PROFILE SUMMARY


A brief statement of the general nature and purpose of the job and its core functions.The Information Security GRC Analyst supports the security governance and risk and compliance programs.  They perform reviews, assessments, and audits, conduct research, and facilitate communication to internal and external stakeholders where necessary. They monitor, coordinate, and implement documentation to support security, compliance, and audit requirements. They ensure compliance with our audit obligations and drive continual improvement in our risk and cyber-security posture.

KEY ACCOUNTABILITIES


List of major or essential job accountabilities.                                                Information Security Compliance Program: Supports the information security programs including risk management and compliance testing. Coordinates security risk assessment activities and security compliance audits. Contributes to security audit procedures relevant to SOC 2 & ISO 27001. Improves and operationalizes vendor security and compliance programs.Compliance and Audits: Improves existing compliance programs and processes.

Designs and executes audit procedures to assess and measure company compliance with its security policies and procedures. Participates in compliance testing and monitoring of regulatory obligations, and other regulatory matters as required. Assists in responding to 3rd party assessments; maintains a library of security and compliance documentation. Reporting and Documentation: Collects, analyzes, and prepares reports required for senior management, regulators, and other relevant stakeholders. Works closely with internal stakeholders on resolution of risk and compliance issues. Documents, investigates, and reports cybersecurity compliance issues and incidents.  Supports activities related to contingency planning, business continuity management, and IT disaster recovery.  Maintains and improves information security policies.

EXPERIENCE


The minimum years and specific experience required to perform this job.3+ years of experience in security operations, risk or compliance management1+ years of IT or other relevant technical experienceSignificant knowledge and experience with ISO 27001 and SOC2Experience coordinating tasks to complete third party assessmentsExperience writing clear and concise policies, procedures, or controls in one or more standards/frameworks

Other preferred experience for the position


Experience securing the public cloud (AWS, GCP, Azure)Experience responding to third-party risk management questionnaires from client and customer organizations

SPECIALIZED KNOWLEDGE or SKILLS


Key 3-5 specific skills or knowledge required to be able to fulfill the job requirements.Knowledge of computer networking concepts and protocols and network security methodologiesKnowledge of risk management processesKnowledge of cyber threats and vulnerabilitiesAbility to advance multiple projects concurrentlyExcellent oral and written communication skills, with the ability to clarify complex topics to both technical and non-technical audiences

Perks of DISCO


  • Open, inclusive, and fun environment
  • Benefits, including medical and dental insurance
  • Competitive salary plus discretionary bonus
  • Opportunity to be a part of a startup that is revolutionizing the legal industry
  • Growth opportunities throughout the company

About DISCO


DISCO provides a cloud-native, artificial intelligence-powered legal solution that simplifies ediscovery, legal document review and case management for enterprises, law firms, legal services providers and governments. Our scalable, integrated solution enables legal departments to easily collect, process and review enterprise data that is relevant or potentially relevant to legal matters. Are you ready to help us fulfill our mission to use technology to strengthen the rule of law? Join us! We are an equal opportunity employer and value diversity.

We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Life at DISCO

As the leading provider of software as a service solutions developed by lawyers for lawyers, DISCO is reinventing legal technology to automate and simplify complex and error-prone tasks that distract from practicing law. DISCO has been embraced by more than 400 law firms, including 50 of the top AmLaw 200, as their first choice for innovative technologies that enhance the practice of law to help secure justice and win cases.
Thrive Here & What We Value1. Open, Inclusive, and Fun Environment2. Benefits: Medical, Dental, Vision Insurance, 401(k)3. Competitive Salary Plus RSUs4. Flexible PTO5. Growth Opportunities Throughout the Company6. Equal Opportunity Employer and Value Diversity7. Revolutionizing Legal Industry with Technology Innovation8. Commitment to Continuous Product Delivery, Planning, Design, Sleep Schedules, Vacations, and Fun
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2024