GRC Policy Analyst
GRC Policy Analyst
Spruce Technology, Inc.
Clifton, NJ
See who Spruce Technology, Inc. has hired for this role
Detailed Description Of Services
The IT policy analyst works to provide IT policies aligned with NIST security controls for the MBTA. The IT Policy Analyst will work within the Enterprise Risk Management platform to manage policies, security control gaps, and dashboard/metric tracking. The GRC Policy Analyst will also work with MBTA-specific IT policies outside of the scope of NIST such as mobile device management, and data governance.
Responsibilities
Spruce Technology, Inc. is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Consistent with the Americans with Disabilities Act, it is the policy of Spruce Technology, Inc. to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process.
The IT policy analyst works to provide IT policies aligned with NIST security controls for the MBTA. The IT Policy Analyst will work within the Enterprise Risk Management platform to manage policies, security control gaps, and dashboard/metric tracking. The GRC Policy Analyst will also work with MBTA-specific IT policies outside of the scope of NIST such as mobile device management, and data governance.
Responsibilities
- Oversee and manage NIST policy approvals and implementation at the MBTA
- Manage NIST policies within the ERM platform
- Coordinate with key stakeholders for non-NIST policies
- Research and evaluate policies to ensure they are up-to-date with current NIST guidance
- Stay aware of policy trends and new laws/guidelines from the Federal to state and local level
- Identify and implement GRC security controls based on the NIST framework.
- Manage and implement the cybersecurity awareness program including annual training, AUP acknowledgement tracking, and phishing training
- Collaborate with the GRC IT Risk Analyst on various projects for the GRC Department.
Spruce Technology, Inc. is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Consistent with the Americans with Disabilities Act, it is the policy of Spruce Technology, Inc. to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process.
-
Seniority level
Mid-Senior level -
Employment type
Contract -
Job function
Other -
Industries
Information Technology & Services
Referrals increase your chances of interviewing at Spruce Technology, Inc. by 2x
See who you knowGet notified about new Policy Analyst jobs in Clifton, NJ.
Sign in to create job alertSimilar jobs
People also viewed
-
Policy Analyst
Policy Analyst
-
Policy Advisor
Policy Advisor
-
Policy Analyst
Policy Analyst
-
Policy Analyst
Policy Analyst
-
Legislative Policy Analyst
Legislative Policy Analyst
-
Nuclear Weapons Policy Analyst
Nuclear Weapons Policy Analyst
-
Policy Analyst
Policy Analyst
-
Policy Analyst
Policy Analyst
-
Research and Policy Analyst
Research and Policy Analyst
-
Project Policy Analyst
Project Policy Analyst
Looking for a job?
Visit the Career Advice Hub to see tips on interviewing and resume writing.
View Career Advice Hub