Graybar Lead IT Risk and Compliance Analyst - Remote in Wichita, Kansas
Make a difference.
As a Lead IT Risk & Compliance Analyst, you will analyze information security systems and applications and recommend, design, and develop security measures to protect information against unauthorized access, modification or loss. You will investigate, analyze, and report security and compliance related information in support of audits, internal investigations and legal actions, and recommend, design, and develop security and/or risk and compliance technologies, and establish monitoring of networks and systems for improper or unauthorized access.
This position can be performed fully remote.
In this role you will:
Design and develop risk and compliance policies, procedures, plans and processes, to ensure the information security framework is effective and fully integrated with IT processes
Design, and develop new or changes to existing information security and/or risk and compliance measures, architectures, and technologies including monitoring, access control, governance, crisis communication, and filtering systems
Facilitate risk assessments, vulnerability assessments, and third party security assessments.
Facilitate employee cyber security education program.
Identify opportunities for improvement and ensure appropriate plans are developed and implemented to improve the Company's risk posture
Serve as a thought leader and subject matter expert for control frameworks, regulations, and standards, including COBIT, SANS, NIST, SOX, PCI, HIPAA, FRCP, FACTA and others, and consult with the business on risk and compliance policies, regulations, standards, and processes
Design and develop reporting, e-discovery, forensic, and other needs in a professional and ethical manner and in support of investigations, audits, assessments, and license reviews
Advocate and train others in security principles such as the principle of least privilege, separation of duties, defense in depth, accountability, non-repudiation, and transparency
Design management, audit, and regulatory reports and/or presentations in support of IT Risk and Compliance and company goals and objectives
Identify, investigate, and remediate issues with information security and/or risk and compliance measures, architectures, and technologies in conjunction with IT Risk and Compliance and other technical team members
Facilitate awareness training, policy development, license and regulatory reviews, and audit remediation sessions identifying opportunities for improvement and ensuring appropriate plans are developed and implemented to improve the Company's risk and compliance posture
What you bring to the table:
10 years experience in strategic planning, business forecasting, or business development, 11+ years experience preferred
4 year degree; advanced degree preferred
Training and/or certification in information security, audit, or computer forensics preferred
CISSP or equivalent certification preferred
Superior knowledge of security concepts, principles and practices
Superior knowledge of compliance requirements (ie, PCI, HIPPA, SOX, FRCP, and handling SBU data) and industry best practices (NIST, CSI, IS0 27002, etc)
Superior knowledge of information technology architecture
Superior knowledge of computer forensics technologies and practice (ie, FTK, Encase, Write Blockers, Helios, etc)
Superior knowledge of information security technologies (ie, Intruder Protection Systems, Security Information and Event Management, Access Controls, Web filters, Firewalls, Internet Proxy, Hard Disk Encryption, etc)
Superior knowledge of audit, assessment, and remediation planning
Superior knowledge of disaster recovery
Superior problem solving skills
Superior large and small group and interpersonal communication skills and ability to work well with others
Superior project with the ability to set priorities and manage time
Superior customer service skills
Ability to respond to information security incidents
Ability to perform after hours, shift work, and be on call during designated periods
Ability to communicate technical information to a non-technical audience both orally and in written form
The expected rate of pay for this position is $88,000 - $112,000 annually.
Why should you join Graybar?
At Graybar, our employees are the heart and soul of our company. We believe that employees with diverse perspectives bring the ideas and innovative thinking we need to solve our biggest challenges and compete in an ever-changing world. Consistent with our values, we welcome people from all backgrounds, cultures and experiences into our company because we believe it’s the right thing to do and the right way to run our business. We want each of our employees to know that they matter and to feel a sense of belonging, ownership and inclusion at Graybar. We believe that everyone should be treated with dignity and respect, and we work to build a collaborative environment where our employees have the opportunity to grow, learn and make a difference, both as individuals and as part of the team.
That’s what our employee ownership culture is all about: working as one team and moving forward together, while honoring the unique value each person brings to our company.
Apply now and find out what’s next for you.
At Graybar, we are known for our comprehensive benefits and our employee stock ownership plan! As a full-time employee of Graybar, you will accrue THREE weeks of vacation during your first 12 months, and will have access to a wide variety of our benefits. Benefits include: Medical Insurance and Prescription Drug, Dental Insurance, Vision Plan, Life Insurance, Flexible Spending Accounts, Disability Benefits, Profit Sharing Plan, 401(k) Savings Plan, Paid Vacation, Sick Days and Holidays, Employee Recognition Program
Equal Opportunity Employer/Vet/Disabled
Not the right fit? Let us know you're interested in a future opportunity by clicking Introduce Yourself in the top-right corner of the page or create an account to set up email alerts as new job postings become available that meet your interest!
Graybar, a Fortune 500 company, specializes in supply chain management services, and is a leading North American distributor of high quality components, equipment, and materials. We serve the construction market, the commercial, institutional, and government (CIG) market, and the industrial and utility markets. Graybar products and services support new construction, infrastructure updates, building renovation, facility maintenance, repair and operations, and original equipment manufacturing.