GRC Analyst

Why We Work at Dun & Bradstreet

We are at a transformational moment in our company journey - and we're so excited about it. Each day, we are finding new ways to strengthen our award-winning culture, and to accelerate creativity, innovation and growth. Our purpose is to help customers improve business performance with Dun & Bradstreet's Data Cloud and Live Business Identity, and we're wildly passionate and committed to this purpose. So, if you're looking to make an immediate impact at a company that welcomes bold and diverse thinking, come join us!



Why We Work at Dun & Bradstreet

Life here at Dun & Bradstreet is changing - for the better. With almost two centuries of experience and a new modern vibe, work at D&B has never been more exhilarating.

Our purpose is to grow the most valuable relationships in business by uncovering truth and meaning in data. We're wildly passionate about our purpose, and it has us evolving everything we do - from how we engage with our customers to how we energize one another.

So if you thrive in a fluid, agile culture but want the solidity of a storied and commanding brand, come join us!

Our Technology Team:

Technology is a global team that creates and operates the systems that deliver D&B data into our customer's ecosystems. We eat, breathe, and dream of technologies that run our business today - and those that will transform the way we deliver value in the future.

Responsibilities, Functions and Duties:

The trust our customers and partners put in our systems and data is critical to our success. We are looking a GRC Analyst to support the Security team in all aspect of our IT security, governance, risk and compliance processes. The analyst will be engaging various process owners in the design, evaluation, documentation and monitoring of the appropriate security controls in our environment, as well as interacting with external audits. The analyst will also be responsible for supporting the development / revisions of security policies and guidelines and assisting with risk assessments.

Partnership with Other Teams:

  • Under general direction, the Governance, Risk, and Compliance Analyst is responsible for the assessing and documenting of the D&B's compliance and risk posture as they relate to its information assets.
  • The purpose of this position is to provide highly skilled technical and information security expertise for development and implementation of the information security risk management program. Responsibilities require leadership and project management experience, as well as expertise to ensure effective system-wide security analysis; standards and testing; risk assessment; awareness and education; and development of policies, standards and guidelines


Individual Contributor Activities:
  • Develops, documents, evaluates, tracks and improves Information Technology (IT) Compliance controls with emphasis on information security
  • Makes decisions on the adequacy and reliability of controls; Works with appropriate teams on remediation based on severity of risk associated with control deficiencies.
  • Develop and implement a formal tracking mechanism to capture customer engagement findings and follow up on remediation activities
  • Onboard assessments and develop workflows in the eGRC toolset
  • Lead the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored.
  • Support the Third-Party Risk program by analyzing responses to third party assessment questionnaires and reviewing supporting documentation (SOC reports, etc.) received from vendors to identify and evaluate the risks in establishing or continuing operations with them.
  • Reviews existing IT compliance controls for regulatory updates and performs necessary gap analysis
  • Prepares and presents reports as necessary.
  • Provide support and input to ensure security requirements are included in legal reviews and contracts


Measurement
  • Collects and collates data in support of GRC metrics, including status, issues, milestones, and key performance indicators (KPIs) to measure the program's effectiveness


Qualifications / Requirements:
  • We strongly value creativity, out-of-the-box thinking, and problem solving
  • 5-7 years of working experience of Information Security and information security frameworks (NIST, ISO, BITS, etc.), insurance or financial services industries, auditing and/or IT auditing (SOC)
  • Ability to self-organize, prioritize activities independently, create documentation and reporting
  • Manages time and uncertainty well - able to navigate corporate environments and drive projects with good enough, but imperfect or incomplete, information
  • Strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level
  • Experience in process improvements and ability to drive results across multi-disciplinary teams
  • Ability to work in fast-paced sales environment


Dun & Bradstreet is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, age, national origin, citizenship status, disability status, sexual orientation, gender identity or expression, pregnancy, genetic information, protected military and veteran status, ancestry, marital status, medical condition (cancer and genetic characteristics) or any other characteristic protected by law.

We are committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with Dun & Bradstreet and need special assistance or an accommodation to use our website or to apply for a position, please send an e-mail with your request to TalentAcquisitionTeam@dnb.com. Determination on requests for reasonable accommodation are made on a case-by-case basis.

Please note that all Dun & Bradstreet job postings can be found at https://dnb.wd1.myworkdayjobs.com/Careers and all communication from Dun & Bradstreet will come from an email address ending in @dnb.com.


Back to top