Senior Information Security Control Validation Analyst
001
Hybrid
Control validation and testing
Information security control validation
Cybersecurity frameworks (NIST CSF, ISO 27001)
Job Summary
Plan and execute control validation and testing activities across various domains such as access management, vulnerability management, incident response, and data protection.
Mentor junior analysts, providing guidance on control validation methodologies and best practices, and develop and enhance control testing methodologies, procedures, and reporting mechanisms.
Contribute to the maturity of the GRC program through automation, metrics, and process improvements, and prepare risk reports and dashboards for management and governance committees.
Skills & Requirements
Must-have
control validation and testing
information security control validation
cybersecurity frameworks (NIST CSF, ISO 27001)
remediation recommendations
GRC program maturity
Nice-to-have
detail-oriented and technically proficient
solutions-oriented mindset
structured and reliable
enterprise focused
relationship driven
savvy and effective communicator
Key Requirements
5-8 years of experience in GRC, IT audit, or cybersecurity operations
Bachelor’s degree in a technical field
Security certifications (CISSP, CISA, CRISC, Sec+, or CC preferred)