Sr. Information Governance Risk and Compliance Analyst


Apply Now

Overview


Use your information security expertise in this exciting opportunity and help drive our Governance(GRC) program! You'll support our GRC efforts by performing technical assessments across the enterprise. Be part of the team that identifies risks and develops mitigation strategies to help ensure the success of the business. In return, you will enjoy amazing benefits and be part of exciting growth within the Enterprise Information Security Team!

Responsibilities


  • Perform technical assessments on internal systems and projects for compliance to policies, standards, and other security framework requirements (800-53, 800-171, CMMC, HIPAA, CSF, SOC, RMF and similar)
  • Conduct, review and report on these assessments, working with colleagues and the business for plans on reaching acceptable risk tolerance
  • Maintain and manage to track assessment results, compliance status, risk tracking, and continuous monitoring
  • Identify, track, and provide solutions to mitigate data security issues as part of overall risk management process by partnering with infrastructure and operations and business units, then communicating solutions and verifying remediation
  • Participate in defining and implementing technical security policies, procedures, standards, and guidelines based on knowledge of best practices, technical requirements, and compliance requirements
  • Design and collaborate on solutions to mitigate risks and enhance system security
  • Provide technical security advice and guidance to systems engineers and management

Requirements


  • 5+ years of technical, hands-on engineering, risk management, and assurance/compliance experience in IT security
  • Experience with technical security assessments and compliance reviews
  • In-depth technical knowledge of information security, security tools and systems, security control implementation, application security, and computer network access technologies
  • In-depth technical knowledge of data protection and integrity; operating systems and network security; authentication; and security protocols, practices, and standards
  • Strong interpersonal and communication skills to work effectively with IT and business units; ability to bridge communications between technical IT team members and compliance team members
  • Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships
  • Self-motivated and productive team player with ability to influence without authority and thrive in a dynamic environment
  • Bachelor’s in computer science, information management, or related field
  • US citizenship and ability and willingness to obtain a security clearance

Recommended Qualifications


  • CISSP, CISA, GIAC, or equivalent certification, or ability to obtain

#LI-SM1

#LI-Hybrid

Total Rewards

Esri’s competitive total rewards strategy includes industry-leading health and welfare benefits: medical, dental, vision, basic and supplemental life insurance for employees (and their families), 401(k) and profit-sharing programs, minimum accrual of 80 hours of vacation leave, twelve paid holidays throughout the calendar year, and opportunities for personal and professional growth. Base salary is one component of our total rewards strategy. Compensation decisions and the base range for this role take into account many factors including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.

A reasonable estimate of the base salary range is
$93,600-$157,560 USD

About Esri


At Esri, diversity is more than just a word on a map. When employees of different experiences, perspectives, backgrounds, and cultures come together, we are more innovative and ultimately a better place to work. We believe in having a diverse workforce that is unified under our mission of creating positive global change. We understand that diversity, equity, and inclusion is not a destination but an ongoing process. We are committed to the continuation of learning, growing, and changing our workplace so every employee can contribute to their life’s best work. Our commitment to these principles extends to the global communities we serve by creating positive change with GIS technology. For more information on Esri’s Racial Equity and Social Justice initiatives, please visit our website here.

If you don’t meet all of the preferred qualifications for this position, we encourage you to still apply!

Esri is an equal opportunity employer (EOE) and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. If you need reasonable accommodation for any part of the employment process, please email askcareers@esri.com and let us know the nature of your request and your contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.

Esri Privacy Esri takes our responsibility to protect your privacy seriously. We are committed to respecting your privacy by providing transparency in how we acquire and use your information, giving you control of your information and preferences, and holding ourselves to the highest national and international standards, including CCPA and GDPR compliance.