Join Netcracker Technology, a wholly owned subsidiary of NEC Corporation, to work for a forward-looking software company, offering mission-critical solutions to service providers around the globe. Our comprehensive portfolio of software solutions and professional services enables large-scale digital transformations, unlocking the opportunities of the cloud, virtualization and the changing mobile ecosystem. With an unbroken service delivery track record of more than 20 years, our unique combination of technology, people and expertise helps companies transform their networks and enable better experiences for their customers.

Position Summary:

This position is responsible for supporting Netcracker’s security governance, risk and compliance program. Emphasis will be on executing key controls testing, performing risk assessments and maintaining security compliance framework documentation across the security program as needed. The individual will work with the various functions to evaluate the design and effectiveness of the control environment. The GRC Analyst will support various GRC initiatives and Security projects. They will also support, develop and delivery of security awareness training company-wide.

Responsibilities include:

To Support and/or lead any of the below activities:

• Build Insider Threat program
• Build Security Board for Escalations and Security Strategy
• Develop Corporate Security Policies
• BCP and DR planning for corporation
• Conduct BCP exercises
• Prepare GSO for upcoming regs and customer expectations (i.e. GDPR, CAS(T))
• Manage Customer facing responses related to security.
• Respond to data discovery and security questionnaires, RFIs/RFPs.
• Coordinate Customer specific audits
• Coordinate Customer Specific BCPs
• Be point of contact for contract language input
• Manage the Project Codes for GSO
• Manage the Quarterly Access Review process
• Do Invoice management/Track budget and spend
• Redesign the GRC web content
• Manage the Security Awareness program
• Support Netcracker’s Information Security Governance, Risk and Compliance (GRC) frameworks and administration.
• Assist in identifying and communicating control gaps and evaluating management remediation action plans and related reporting.
• Respond to data discovery and security questionnaires, RFIs/RFPs.
• Conduct risk assessments of third parties as part of the Vendor Risk Management program.
• Sustain awareness of external regulations for new or changed requirements within Netcracker (PCI, ISO27001, etc.).
• Facilitate Information Security meetings and maintain meeting notes.
• Work across teams to accomplish security program goals.

Requirements:

• Understanding of IT governance, information security policies, standards and industry best practices.
• Knowledgeable with security risk frameworks (e.g., ISO 27001/27018/22301, NIST 800 series, COBIT, etc.) and regulatory compliance (e.g., SOX, SOC 1/2/3, PCI-DSS, PA-DSS, etc.) from a global perspective.
• Practical experience in scoping, conducting audits and risk assessments, and documenting results.
• Detail oriented and able to meet tight deadlines.
• Excellent documentation skills and ability to communicate effectively across functional areas.
• Strong knowledge of Information Security domains, concepts and principals.
• CISA, CIA or equivalent designation is a plus.
• Experience using Risk Management tools is a plus.

Education:

• Bachelor degree in Information Systems or a related field.