Governance, Risk, and Compliance Analyst - Remote USA

Employer
FireEye
Location
Washington, DC
Posted
Apr 29, 2021
Closes
May 05, 2021
Ref
1946930747
Function
Analyst, IT, QA Engineer
Hours
Full Time
Company DescriptionFireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant(R) consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye's world-class solutions and global footprint at https://www.fireeye.com/company.html. Job DescriptionAs a part of Mandiant Defense, the Governance, Risk, and Compliance (GRC) Analyst supports theProduct Securityteam with IT compliance, risk management, and data governance activities spanning both Software as a Service (SaaS) and service delivery offerings.This role has a high degree of direct impact, including designing, coordinating, and driving both the successful implementation and ongoing audit of security across the business. As a consultative subject matter, the GRC Analyst embeds across distinct product teams to enable best practices and ensure compliance objectives are met before, during, and after design.What you will do:Work with Product Security colleagues on high-profile external audits and assessments, including the annual SOC 2 and FedRAMP requirements.Conduct compliance assessments of IT general controls for in-scope systems, including remediation assessments and audit-readiness assessmentsIdentify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence.Drive remediation activities with stakeholders, including developing remediation plans and tracking remediation progressSupport evidence collection and documentation for internal and external auditsPerform continuous monitoring activities and track control health metrics.Develop and manage internal GRC projects and initiatives.Stay up-to-date and informed on developing regulatory concerns, and changing IT and information security trends.Continuously improve GRC processes and proceduresQualificationsRequirements:FedRAMP / SOC 2 / NIST 800-53 / NIST CSFStrength in one or more security domains, eg Application, Cloud, Network SecurityProject management experienceBuilder / proactive / collaborative / distilling complexity to actionAdditional InformationAt FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. (Colorado applicants only*)Minimum Salary: $102,800. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from FireEye's Compensation Committee, and vesting termsBenefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance.Subject to eligibility requirements, FireEye also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program.FireEye also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.*Disclosure as required by sb19-085 (8-5-20)

Similar jobs