You're a mid-level GRC Analyst with a strong understanding of security technologies and experience in governance, risk, and compliance activities. Prior experie
Work type: hybrid
Location: Kansas City, MO
Type: Full-time
You're a mid-level GRC Analyst with a strong understanding of security technologies and experience in governance, risk, and compliance activities. Prior experience with SOC2 Type II audits and certifications like CISSP, CISM, or CISA are preferred. **What makes it worth a look...** Cyderes is seeking a full-time hybrid GRC Analyst in Kansas City, MO. They specialize in cybersecurity solutions, building practical security programs and stopping active threats. **You might be a good fit if you...** * Have experience in implementing information security policies and controls. * Can coordinate IT security governance, risk, and compliance activities. * Are familiar with responding to customer and partner requests regarding security compliance. * Possess strong knowledge of security technologies, including encryption and cloud network security.
We help the world Be Everyday Ready™
Today’s threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools — all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.
## Responsibilities
· Coordinate IT security governance, risk and compliance activities across the enterprise
· Oversee information security compliance activities, including daily, weekly, quarterly and/or annual security risk assessments – both performing internal assessments and responding to external assessments
· Respond to request for information on Cyderes’ security compliance from customers and partners, review and negotiate relevant agreements
· Support efforts for compliance with SOC2, ISO 27001, NIST 800-53, and other security standards and regulatory frameworks
· Conduct audit readiness assessments and coordinate with internal and external functions and audit resources
· Support the implementation and administration of the Governance, Risk, and Compliance system (GRC)
· Collaborate with other departments to direct security compliance issues to appropriate channels for investigation and resolutions
· Revise and maintain security & controls policies and procedures in accordance with applicable regulations
· Enable Continuous Compliance through Continuous testing of security & privacy controls
· Identify and provide recommendations for technology, licensing, and/or process updates to improve Cyderes overall security posture
· Develop and provide reports to keep management informed of the operation and progress of compliance efforts
## Requirments
· Strong knowledge of security technologies and architecture, including encryption, cloud network security design, security group configuration, intrusion detection, data loss prevention and application security
· Experience in design and implementation of information security policies and controls
· Experience participating in external security audits; SOC2 Type II preferred
· Experience conducting needs assessments and identifying/implementing appropriate solutions
· Ability to take initiative and be proactive
· Ability to work independently and be resourceful
· Complex problem-solving and analytical skills
· Excellent communication skills, both verbal and written; ability to condense complex information into simple language for the appropriate audience
· CISSP, CISM, CISA certifications preferre