Join Netcracker Technology, a wholly owned subsidiary of NEC Corporation, to work for a forward-looking software company, offering mission-critical solutions to service providers around the globe. Our comprehensive portfolio of software solutions and professional services enables large-scale digital transformations, unlocking the opportunities of the cloud, virtualization and the changing mobile ecosystem. With an unbroken service delivery track record of more than 20 years, our unique combination of technology, people and expertise helps companies transform their networks and enable better experiences for their customers.
Position Summary:
This position is responsible for supporting Netcracker’s security governance, risk and compliance program. Emphasis will be on executing key controls testing, performing risk assessments and maintaining security compliance framework documentation across the security program as needed. The individual will work with the various functions to evaluate the design and effectiveness of the control environment. The GRC Analyst will support various GRC initiatives and Security projects.
Responsibilities include:
Support Netcracker’s Information Security Governance, Risk and Compliance (GRC) frameworks and administration.Maintain internal compliance against information security policies and procedures by the planning, testing, remediating, tracking and reporting on internal control reviews and risk assessments.Create, analyze and develop risk assessment and audit reports.Assist in identifying and communicating control gaps and evaluating management remediation action plans and related reporting.Respond to security incidents (as required) and assist with the coordination of internal and external auditors as needed.Conduct risk assessments of third parties as part of the Vendor Risk Management program.Sustain awareness of external regulations for new or changed requirements within Netcracker (PCI, ISO27001, etc.).Facilitate Information Security meetings and maintain meeting notes.Work across teams to accomplish security program goals.
Experience & Requirements:
Minimum 3-5 years of experience in an information security and/or audit and compliance role.Solid understanding of IT governance, information security policies, standards and industry best practices.Knowledgeable with security risk frameworks (e.g., ISO 27001/27018/22301, NIST 800 series, COBIT, etc.) and regulatory compliance (e.g., SOX, SOC 1/2/3, PCI-DSS, PA-DSS, etc.) from a global perspective.Practical experience in scoping, conducting audits and risk assessment, and documenting results.Detail oriented and able to meet tight deadlines.Excellent documentation skills and ability to communicate effectively across functional areas.Strong knowledge of Information Security domains, concepts and principals.CISA, CIA or equivalent designation is a plus.Experience using Risk Management tools is a plus.
Education:
- Bachelor degree in Information Systems or a related field.
