Sr. GRC Analyst
- Pasadena, CA
At Bluebeam, we empower people to advance the way the world is built. We create smart software solutions that make construction sites more efficient, connected and safe and improve the lives of design and construction professionals everywhere.
*This role is a full-time, onsite position. Due to COVID-19, all new employees will be required to start work remotely until we are able to return to the office. More information will be provided in the interview process.*
The GRC Analyst will support in educating, establishing, and maintaining Information Security Governance, Risk Management, and Compliance (GRC) workflows, validate adherence to information security standards, coordinate audit and regulatory compliance projects, facilitate information security awareness initiatives, as well as help maintain standards, policies, and policies that govern the information security program for the company.
Job Duties & Responsibilities
- Lead the ongoing development the Information Security GRC program and activities.
- Collaborate across the organization on documenting, implementing, monitoring and managing Information Security controls.
- Review and update information security policies, procedures, standards, and other information security related documentation.
- Conduct evaluations of security control effectiveness.
- Support internal and external audits.
- Collect and maintain evidence of compliance with information security policies and regulatory requirements.
- Coordinate written responses from customers and prospects on Information Security controls and regulatory compliance.
- Support both internal and external vendor due diligence, security assessments and review processes.
- Promote security awareness and cultivate employees’ adherence to information security best practices.
- Support business projects and perform other duties as assigned.
- 3+ years of full-time work experience in IT audit or IT risk management. Experience in leading security assessments, IT risk assessments, and InfoSec control management.
- Experience working with or managing Security compliance frameworks such as SOC2 and ISO27001:2013.
- Highly motivated, strong work ethic, attention to detail, and organizational skills.
- Ability to manage priorities in a fast-paced environment.
- Working knowledge of common IT technologies and processes.
- Basic understanding of technical aspects of information security.
- Good communication skills including ability to present technical subjects to non-technical audiences.
- Understanding of common Information Security and Information Technology frameworks and standards, such as ITIL, COBIT, NIST, and ISO27000 series.
- Thorough understanding of risk management principles and methodologies.
- Ability to translate abstract and vague regulatory requirements into cohesive actionable compliance tasks.
- Ability to collaborate in a team setting and moderate conversations involving cross-functional groups.
- Understanding of software development methodologies.
- Proficient with the Microsoft office suite; presentation skills.
- Working knowledge of PII, PHI, financial data regulations, data residency requirements, and international regulatory aspects pertaining to sensitive information.
- General knowledge of tools and services commonly employed within information security programs is a plus.
- Experience with application security, SaaS environments, or cloud security is a plus.
Licenses & Certifications:
- CISA, or a similar risk management, audit, or security certification.
If you think you are a good match for the Bluebeam team, please send us the following:
- Your Resume
- Some sort of personalized introduction for us. This could be a cover letter, a few bullet points about yourself, a comic strip you’ve drawn - anything that tells us a bit about you AND why you want to work here.
The construction industry is adopting new technology at a feverish pace. Tablets and cell phones are replacing paper blueprints, drones are surveying jobsites in 3D, and cloud collaboration is changing the way teams work together. Bluebeam plays a crucial role in this transformation. The key to our success is a customer-focused approach to product development: we work with the industry to create solutions for the industry. Today, over 1.6 million people throughout the world use Bluebeam. In the US, we’re a critical partner for the majority of top AEC firms, and rapidly expanding our presence globally, with offices in Sweden, Germany and the UK.
Come design and build your future with us.
Bluebeam is proud to be an equal opportunity workplace. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or veteran status.
Back to top