GRC Policy Analyst
Position: GRC Policy Analyst
Location: Boston, MA (Hybrid)
Duration: Long term contract Position
Job Details:
Oversee and manage all policies including revisions
Develop and manage the policy exception process including metrics and reporting
Coordinate with key stakeholders on policies and standards across the MBTa
Research and evaluate policies to ensure they are current and follow all applicable laws, regulations, and guidelines
Identify and implement GRC security controls based on the NIST framework
Manage the cybersecurity awareness program including annual training, phishing training, and special group training
Collaborate within the GRC team on larger GRC projects around risk analysis and compliance requirements
3-to-5 years experience working with NIST Cybersecurity Framework, and familiarity with NIST 800-53 Rev. 5
3-to-5 years experience managing a policy program including updating current policies, tracking exceptions, and developing and reporting out metrics
3 -to-5 years experience working with security content platforms and developing curricula for cybersecurity training
To apply for this job email your details to tausif.alam@intone.com