InfoSec Risk Mgmt Analyst - GRC (St. Louis)

Job description

Knowledge (includes but is not limited to): - General knowledge of risk management methodologies. - General knowledge of policy lifecycle processes . - General knowledge in information security best practices and frameworks, including (but not limited to) NIST Special Publications and Cyber Security Framework, CIS Controls, ISO/IEC 27000 series, and OWASP Top 10. - General knowledge of audit and compliance methodologies. - General knowledge of laws and regulations related to information security and relevant to the organization, such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). Skills (includes but is not limited to): - Demonstrate professional skepticism to ensure evidence is sufficient when assessing the relevant information security controls. - Communicate and present concisely and effectively based on the appropriate level of management and audience. - Manage competing deadlines and prioritize responsibilities to effectively meet business needs. - Work both independently and as part of a team at all levels and across departments. - Demonstrate an understanding of business processes, internal control risk management, IT controls, a...