Information Security GRC Analyst III
CareSource · Dayton, Ohio, US
Job Summary: The Information Security GRC Analyst III managed day to day, short and long term information security risks and ensures activities are within ri...
Job description
Job Summary: The Information Security GRC Analyst III managed day to day, short and long term information security risks and ensures activities are within risk tolerance and in compliance with approved risk management policies, procedures and limits. Essential Functions: - Measure, monitor, and report on information security risks - Review and report on vendor/third party risk to support vendor risk management activities - Engage staff and/or vendors to develop information security risk mitigation plans to address risks identified in Vendor risk reviews - Monitor and report on information security risk mitigation plans to ensure timely execution - Engage employees in the management of information security risk and ensure they are aware of their accountabilities with regard to information security risk management - Regularly assess and report to management any exceptions to information risk management policies, procedures and limits - Engage with the Enterprise Risk Management office to ensure information risk management policies, procedures and limits are aligned with Enterprise Risk Management policies and guidance - Contribute and provide input to the development of operational d...