IT Data Security Analyst
Alpharetta, GA
Job Description:Arrow Electronics is seeking a proactive and detail-oriented Mid-Level IT Risk Analyst to join our dynamic IT Risk team. The ideal candidate will have 3-5 years of experience in cybersecurity risk identification, assessment, and remediation, with a strong background in various compliance frameworks and proven experience in independently managing audits. The Arrow IT Risk team provides a heavy amount of IT compliance guidance to the business from an advisory perspective. The ideal candidate would have worked with and been directly involved with business leaders to help enable and wrap compliance and certifications around respective business processes (sales, new business development, emerging markets). This is a remote position, but candidates must be located in the Atlanta metro.
What You'll Be Doing:
- Conduct comprehensive risk assessments of IT systems, applications, and business processes
- Maintain and contribute to risk management frameworks and methodologies
- Ensure compliance with relevant industry standards and regulations
- Identify, document, and manage risks in the risk register
- Collaborate with IT and business teams to implement risk mitigation strategies
- Monitor, assess, and report on the effectiveness of risk management controls
- Independently manage and successfully complete multiple audits as the auditee, from preparation to closure
- Assist in reviewing security incidents and their potential impact on business operation
- Monitor vulnerabilities and assist IT teams with tracking vulnerability management remediation
- Education: Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field. Master's degree is a plus.
- Experience: 3-5 years in IT risk management/governance or information security with a heavy focus IT compliance.
- Heavy exposure to business processes, providing IT compliance advisory services to the business.
- Proven track record in IT risk assessments and mitigation actions.
- Demonstrated ability to independently manage multiple IT audits end-to-end as the auditee.
- Technical Knowledge: Strong understanding of IT governance frameworks (e.g., COBIT, ITIL) and risk assessment methodologies (e.g., FAIR, OCTAVE, NIST RMF).
- Compliance Expertise: Must have experience with multiple compliance frameworks, including ISO 27001 and CMMC. Familiarity with GDPR, HIPAA, PCI DSS, TISAX, DFARS-252.204-2017, FedRAMP and SOX is highly desirable.
- Tools and Technologies: Proficiency in risk management and GRC (Governance, Risk, and Compliance) platforms.
- Business Acumen: Understanding of business processes and their intersection with IT systems.
- Project Management experience is a plus!
- Excellent communication and presentation skills, including the ability to explain complex technical concepts to non-technical stakeholders.
- Proven ability to manage and successfully complete audits independently, demonstrating strong organizational and documentation skills.
- Strong analytical and critical thinking abilities.
- Adaptability to keep up with evolving compliance & regulatory changes, security threats, and technologies.
- Collaboration skills and ability to work in cross-functional teams.
- Effective time management, especially during busy ISO and other audit cycles.
- Strong ethical behavior and commitment to maintaining confidentiality.
- Experience working with publicly traded companies and/or firms under multiple certifications is highly valued.
- The ideal candidate is one that has worked in lockstep with various business units from an IT Risk advisory perspective.
- Candidates that have been auditees and handled end to end ISO 27001 audits from inception to closure.
- Relevant certifications (e.g., CRISC, CISM, CISSP, CISA, RMP)
- Experience with cloud security compliance and emerging technologies
- Knowledge of IoT and AI/ML security implications
- Remote work!
- Medical, Dental, Vision Insurance
- 401k, With Matching Contributions
- Paid Time Off
- Health Savings Account (HSA)/Health Reimbursement Account (HRA) Options
- Growth Opportunities
- Short-Term/Long-Term Disability Insurance
- And more!
Actual compensation offer to candidate may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level. The pay ratio between base pay and target incentive (if applicable) will be finalized at offer.
Location:US-GA-Alpharetta, Georgia (Morris Rd)
Time Type:Full time
Job Category:Information TechnologyEEO Statement:
Arrow is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, gender, age, sexual orientation, gender identity, national origin, veteran or disability status. (Arrow EEO/AAP policy)
We anticipate this requisition will be open for a minimum of five days, though it may be open for a longer period of time. We encourage your prompt application.
Job Profile
Must be located in the Atlanta metro
Benefits/PerksAnd more Collaborative team environment Competitive financial compensation Disability Insurance Financial rewards Great benefits Growth Opportunities Health savings account HSA Paid Time Off Professional development opportunities Remote work Short-Term/Long-Term Disability Insurance Solid benefits Solid benefits package Various compensation plans Vision Insurance
Tasks- Business development
- Collaborate with teams
- Conduct risk assessments
- Documentation
- Ensure compliance
- Maintain risk management frameworks
- Manage audits
- Manage risks
- Monitor risk management controls
- Project management
- Review security incidents
- Track vulnerability remediation
AI AI/ML Analytical Auditing Audits Business Development Business Processes Cloud Security CMMC COBIT Collaboration Communication Compliance frameworks Cybersecurity Data Security DFARS-252.204-2017 Documentation Ethical Behavior FAIR FedRAMP GDPR GRC platforms HIPAA IoT ISO 27001 IT Governance ITIL ML Nist rmf OCTAVE Organizational PCI DSS Presentation Project Management Risk Assessment Risk Management Risk management tools Sales Services SOX Time Management TISAX
Experience3 - 5 years
EducationBachelor's degree BE Business Computer Science Master's degree Related Field
Certifications TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9