IT/ Security GRC Analyst (Entry Level) 

Job Summary 

Responsibilities 

• Drafting initial policies, procedures, and processes based on instruction around assessment and/ or compliance framework requirements 
• Assisting in translating compliance guidance and assessment results into plain English that is understandable and actionable 
• Tracking for non-compliance with applicable controls, and monitoring remediation 
• Assisting in initially assessing the adequacy of the security/ IT controls for the client's environment and business objectives 
• Working with various client GRC tools, including data imports/ exports 
• Evaluating new and existing technologies that might satisfy security/ IT controls 
• Assisting on other back-end risk, compliance, controls, assessment, security duties for Hotman Group or client support as assigned 

Knowledge, Skills, and Abilities 

• Strong ability to follow instructions, ask intelligent questions, and engage critical thinking skills to complete the work 
• Strong ability and willingness to listen, learn, and adopt new practices/ understanding to get done what’s needed 
• Ability to manage multiple tasks simultaneously without missing deadlines or dropping assignments 
• Ability to adapt quickly and without frustration to changing priorities and emphasis 
• Strong attention to detail and high commitment to quality 
• Good attitude and courtesy to work with a small, fast-paced team 
• Efficient worker looking for ways to gain efficiencies and maximize time spent 
• Passionate about cybersecurity, risk, and compliance to make companies more secure and healthy in protecting their data 

Requirements 

• Bachelor or Graduate degree in a cybersecurity, information systems, or related field 
• Technical skills: Excel (including advanced functions like VLOOKUP), Word, PowerPoint 
• Familiarity and knowledge of fundamental security/ IT concepts (e.g., retention, data classification, change management, access control, asset management, third party risk) 
• Familiarity and knowledge of common security frameworks (e.g. ISO, NIST, SOC 2) 
• Technical aptitude to be able to learn new technologies with little instruction 
• Strong written and verbal skills 
• Prefer experience working (or an advanced degree) in a complementary field that would translate similar skill-set to a career in cybersecurity 
• Genuine interest and willingness to work hard for the long haul to pursue a career in cybersecurity/GRC 
• Previous professional work experience required
• Candidate must have permanent authorization to work in the USA for any employer 

About Hotman Group, LLC