Jr- mid level IT Security Governance Risk Compliance Analyst

ClientSolv Technologies is an IT solution firm with over a decade of experience serving Fortune 1000 companies, public sector and small to medium sized companies. ClientSolv Technologies is a woman-owned and operated company that is certified as a WMBE, 8a firm by the Federal government’s Small Business Administration.

We are seeking a Jr- mid-level IT Security Governance Risk Compliance Analyst for a contract-to-hire role in Englewood, CO.  This contract-to-hire role will be located onsite/ in the office, Monday- Friday (no remote options) in the south Denver area (near I-25 and Lincoln). 

In this role, you will be responsible for working with subject matter experts (SME), business partners, and management to evaluate information security-related issues, develop remediation and mitigation plans, document policy waivers or exceptions, and track progress towards issue closure. Issues include audit findings, control gaps, policy violations, and other security-related items. 

Primary responsibilities of this role include the following:

• Support the issue management program to ensure real-time updates are made to open issues.
• Maintain the repository of logged issues and provide reporting where required.
• Review internal policies, industry standards, and relevant regulations and understand how they apply within the organization
• Guide issue documentation through approval workflows and incorporate feedback from each stage of the review process.
• Support end-user questions, and conduct training related to the issue management program.
• Develop and maintain indices, glossaries, and other supporting documentation.
• Publish and distribute issue management program metrics and dashboards.

• Associate’s Degree and at least 0-3 years of directly related experience.
• Familiar with information security and risk management concepts and standards as well as a general understanding of information technology systems and terminology.
• Basic working knowledge of information security concepts and controls.
• Ability to work within deadlines, juggle multiple priorities, design project plans, and provide project updates.
• Ability to work independently with little direction and/or supervision.
• Superior communication skills with the ability to ask questions, escalate roadblocks early and interact effectively at multiple levels in the organization.
• Keen attention to detail with the ability to correct on the fly and work independently
•  Analytical aptitude with an emphasis on investigative, methodical critical questioning, and logical thinking; a data-driven decision-maker.
• General understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security.
•  High-level interpersonal skills.

Preferred: 

•  A general understanding of SOX, PCI, CPNI, CCPA, FACTA and similar IT Compliance and Privacy regulations as well as industry standards such as NIST 800-35 and ISO 2700x is preferred.
• General understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security.

This contract-to-hire will be located onsite/ in the office, Monday- Friday (no remoteoptions) in the south Denver area (near I-25 and Lincoln).