Cybersecurity GRC – Compliance Analyst
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Cybersecurity Compliance Analyst ensuring adherence to security frameworks for Trimble. Collaborating with international cybersecurity team and assisting in compliance audits.
Responsibilities:
- Perform ISO 27001, ISO 27701, SOC 2 & NIST 800-171 gap analysis and recommend process, procedural, documentation and tooling recommendations to remediate.
- Improve Compliance and certification scope efficiency via review and enhancements of the Trimble Common Control Framework
- Perform ISO 27001 & ISO27701 Internal Audits.
- Perform SOC 2, NIST 800-171 Internal & External Audits
- Contribute to annual policy revisions and maintenance of the IMS.
- Constantly coordinate with key business stakeholders and the external auditor
- Present metrics derived from the Integrated Management System, audit results, trends in risk, and corrective action plans to senior leadership.
- Contribute to the creation of processes and procedures that increase efficiency of the overall compliance program across all standards and frameworks.
- Collaborate with Cybersecurity team members, Trimble businesses across various geographies.
- Contribute to risk management processes to ensure business risk posture is properly calculated and proactively managed.
- Produce and analyze information that will accurately demonstrate the risk posture of each business and drive actions to reduce and manage technical risks.
- Be able to understand and communicate technical risks to a broad set of stakeholders. Must be able to adjust delivery to the audience.
Requirements:
- Preferable a relevant degree in Data Science, Computer Science or Engineering (Software or Electrical)
- Current general security certifications (e.g., SEC+, GSEC) encouraged but not required
- ISO 27001 Certified Internal / Lead Auditor and or equivalent experience
- 2 years experience working with ISO 27001, ISO 27701, SOC 2 and or NIST 800-171
- Proficiency in English (written and oral)
- 2 years experience in a risk management role, information security role or systems engineer/administrator role in a large, international software company
Benefits:
- Flexible work arrangements
Similar Jobs
Compliance/Security Officer
Compliance Officer overseeing comprehensive compliance program while ensuring adherence to federal and state laws. Leading policies, audits, and risk assessments in a healthcare context.
Director of Security
Director of Security responsible for information security and compliance for Crete Professionals Alliance. Leading a team, managing risk, and integrating security processes across the organization.
Security Engineer
Information Security Engineer managing endpoint defense, security awareness, and operations. Collaborating to enhance the security program within FMG's remote IT environment.
Security Tech Lead
Security Tech Lead managing information security initiatives to protect data and systems. Leading and supporting the adoption of secure practices across teams and gaining client trust.
Senior Supply Chain Security Engineer
Senior Supply Chain Security Engineer developing Docker's security-hardened images and managing Helm charts. Collaborating on upstream OSS projects and ensuring compatibility with Kubernetes and security guidelines.
Enterprise Security Engineer
Enterprise Security Engineer at Benchling focusing on building a security program and implementing zero trust strategies for sensitive data protection.
Head of Security Research
Head of Security Research leading a team of security experts at Dropzone AI. Overseeing threat intelligence, detection engineering, and building an elite security team.
Information Systems Security Manager
IT Security Manager leading security professionals to protect sensitive data and ensure compliance. Overseeing cybersecurity policies, incident response, and risk management frameworks.
IT Business Partner, Enterprise Solutions – Real Estate and Corporate Security Platforms
Business Partnering role focused on leading business analysis for Real Estate and Corporate Security technology at Fresenius Medical Care. Collaborating with business owners to define and manage digital strategy and roadmap.
Cybersecurity Engineer II
Mid-level Cybersecurity Engineer responsible for identity security and cloud platforms. Supporting compliance with CMMC and NIST across various government environments.
FP&A Director, Security
FP&A Director overseeing P&L accountability and financial analysis for Cobalt’s security business. Driving key operating decisions and contributing to M&A deals.
Senior Corporate Security Engineer
Corporate Security Engineer handling IT and cloud security for Juniper Square, focusing on threat detection, incident response, and security tooling management.
Security Engineer – Threat Detection
Security Engineer at Snowflake enhancing threat detection capabilities utilizing AI and automation, collaborating across Security and Engineering teams.
Senior AI Security Engineer, Cyber Architecture, OT and Engineering
Sr. Agentic AI Engineer designing, building, and operationalizing agentic AI systems at EY. Working on multi-agent frameworks and intelligent automation to enhance cybersecurity posture.
Senior Security Architect
Remote Sr. Security Architect at Alkami, enabling secure business practices with proactive security initiatives and collaboration across teams in a growing SaaS environment.
Information Security Officer
Information Security Officer at SmartestEnergy Limited shaping ISO 27001:2022 across a global business landscape. Driving governance, risk management, compliance, and security best practices in a collaborative environment.
Network Security Engineer
Network Security Engineer designing, implementing, and maintaining secure network infrastructures at SOFTSWISS. Strengthening corporate security and improving standards in iGaming services.
Senior Solutions Director – Security
Sr Solutions Director directing Security solutions strategy at ePlus. Leading go-to-market plans for innovative Security technology solutions.
Distinguished Engineer, Cybersecurity
Senior leader overseeing cybersecurity and data solutions at Nagarro. Driving innovation, strategy, and client engagement across various domains and industries.
Senior Security Administrator
Senior Security Administrator supporting SaaS/cloud customers with security configurations and troubleshooting. Collaborating with an expert team to ensure system security.