GRC Analyst; Detroit

Position: GRC Analyst (Detroit) Information Security Governance Risk Compliance Analyst Direct hire The position location will initially work out of the Detroit, MI office and then after a few months once the headquarters re-opens (remodelling now) this person can work from either their Detroit, MI office or Taylor, MI office. Position Description: We are looking for an Information Security Governance Risk Compliance Analyst to join our IT Team to improve infrastructure in our Detroit office. The candidate must have a bachelor's degree in Computer Science with a focus on Cybersecurity or a closely related field and 3-5 years of experience. Operation knowledge of Azure, O365, Crowd Strike, KnowBe4, Mimecast, ZenGRC+, and Archer. Candidate should also have strong leadership and project management skills, with the ability to manage multiple priorities and deliver results within deadlines. The candidate must also be self-motivated, work well with others, and have excellent writing, organizational, and communication skills. A flexible hybrid-remote work schedule is available after 30 days of employment. Typical responsibilities include: Responsible for monitoring and tracking regulatory changes, ensuring that the organization remains compliant with all relevant laws, standards and industry regulations. Conduct comprehensive risk assessments to identify potential threats and vulnerabilities within the organizations operations. Assist in the development, implementation, and revision of corporate policies and procedures to align with the best practices and compliance requirements. Collaborate with internal and external audit teams, providing documentation and evidence as needed to demonstrate compliance and adherence to governance standards. Assist in the development and maintenance of incident response plans to effectively address and mitigate security incidents or compliance violations. Prepare and distribute regular reports to IT & IT Security leadership as well as business leadership summarizing risk assessments, compliance status, and recommendations for improvement. Assist IT Security operations in the development and delivery of training programs to educate users on governance, risk, and compliance matters, fostering a culture of awareness and accountability. Identify opportunities for enhancing governance processes and recommend improvements to reduce risk exposure and enhance operational efficiency. Maintain a safe working environment. Education: Bachelor's degree in Computer Science with a focus on Cybersecurity or a closely related field is required. Certifications in ISC2 CGRC (formerly CAP) or ISACA CISA are required. Certifications in ISC2 CISSP, and ISACA CRISC are not required, but preferred. Skills/Expereince: Minimum of 3 years of related experience Strong leadership and project management skills, with the ability to manage multiple priorities and deliver results within deadlines is required Strong operating knowledge of platforms such as Azure, O365, Crowd Strike, KnowBe4, Mimecast, ZenGRC+, and Archer Excellent communication and interpersonal skills, with the ability to communicate complex security concepts to both technical and non-technical audiences is required Excellent organizational skills in order to accommodate multiple tasks simultaneously Excellent understanding of technology infrastructure and systems, including networks, databases, and cloud computing is required Maintain a professional demeanor at all times and be conscious of confidentiality issues when dealing with individuals at all levels Must be easily understood by other employees, clients, and vendors Strong analytical and problem-solving skills, with the ability to assess risks and develop practical solutions Professional certifications in information security, such as ISC2 CISSP, ISACA CRISC, ISACA CISA, and ISC2 CGRC (formerly CAP) are highly desirable Apply tot his job