Job Description

Location: Raleigh, NC (RTP) Hybrid, 2 days/week onsite

The GRC Compliance Analyst will facilitate the completion of industry, regulatory, and customer audit requests to accurately reflect NetApp’s security and compliance posture to current and potential customers. The analyst will work with the overall Global Security Team and internal business units to understand our security and continuity posture, collect supporting evidence, identify gaps in expectations/capabilities, and drafts externally facing responses.

Duties and Responsibilities

• Facilitates ISO27001, SOC 2 Type II, and customer audits
• Assists the Sales department in the completion of RFIs, RFPs, and customer security questionnaires
• Communicates with other business units to determine applicability and scope of questionnaires
• Assists with the build, implementation and maintenance of Global Security’s external compliance product/SaaS tool including AI upgrades, documentation, and daily management
• Collaborates with Global Security and/or other internal business to collect supporting evidence
• Facilitate customer audits, evidence gathering, finalizing responses, tracking remediation tasks, and audit close
• Communicates gaps in processes/compliance requirements with Global Security Risk Team as necessary
• Assists in reviewing customer/partner contracts for Information Security requirements
• Collaborates with internal business units to provide evidence and/or information for internal and external audits
• Ensures all Security policy and procedures are documented and updated according to Global Security standards, deadlines are met, approvals obtained, guidelines followed, repository usage understood, and repository / system of record up to date as defined by the Global Security Governance program

Minimum Qualifications

• Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related field strongly preferred; equivalent combination of education and experience may be substituted in lieu of degree.
• At least two (2) years of GRC (governance, risk, compliance) experience with methodologies, activities, tools and enablers in a technology related industry and five (5) – seven (7) years of experience in business process analysis, project methodology, or systems development life cycle through education or on-the-job experience, required.
• Ability to demonstrate a strong understanding of various compliance and regulatory areas (e. g. GDPR, SOC 2, DORA, ISO27001)
• Excellent written and verbal communication skills.
• Strong analytical and problem-solving skills.
• Ability to work both independently and as part of a team to deliver quality work products in a timely fashion in a fast-paced environment.
• Ability to multi-task and prioritize tasks.
• The ability to work well with people from many different disciplines with varying degrees of technical experience.
• The ability to adapt to a dynamic, rapidly changing business and technical environment.
• Ability to exercise good professional judgment.
• Ability to maintain confidentiality.
• Ability to oversee all aspects of projects and manage projects through the entirety of the life cycle Preferences
• Ability to develop security standards and guidelines based on best practices and industry standards

Preferred Qualifications

• Information security related training or certifications such as CISSP or CRISC
• Experience performing information security audits or risk assessments
• Familiarity with security auditing processes
• Familiarity with the Digital Operations Resilience Act (DORA)
• Familiarity with customer security questionnaires, RFIs and RFPs

This is the pay range that Magnit reasonably expects to pay for this position: $26-30/Hr

Benefits: Medical, Dental, Vision, 401K

Temporary job opportunities align well with people who are looking for career flexibility and less traditional ways of working, but at the same time are people driven to deliver amazing work in high-profile situations. Magnit Direct Source is a service offered by Magnit Global that provides top talent directly to industry leading clients who have flexible temporary assignments that work on a variety of projects and unlock opportunities for exciting work. As a temporary employee, you will be employed by Magnit Global, NetApp’s vendor responsible for fulfilling temporary jobs at NetApp. You will not be employed by NetApp.

Job Tags

Contract work, Temporary work, Flexible hours, 2 days per week,

Similar Jobs