IT Data Security Analyst
Arrow Electronics
Position: IT Data Security Analyst

Job Description:
Arrow Electronics is seeking a proactive and detail-oriented Mid-Level IT Risk Analyst to join our dynamic IT Risk team. The ideal candidate will have 3-5 years of experience in cybersecurity risk identification, assessment, and remediation, with a strong background in various compliance frameworks and proven experience in independently managing audits. The Arrow IT Risk team provides a heavy amount of IT compliance guidance to the business from an advisory perspective. The ideal candidate would have worked with and been directly involved with business leaders to help enable and wrap compliance and certifications around respective business processes (sales, new business development, emerging markets). This is a remote position, but candidates must be located in the Atlanta metro.

What You'll Be Doing:
- Conduct comprehensive risk assessments of IT systems, applications, and business processes
- Maintain and contribute to risk management frameworks and methodologies
- Ensure compliance with relevant industry standards and regulations
- Identify, document, and manage risks in the risk register
- Collaborate with IT and business teams to implement risk mitigation strategies
- Monitor, assess, and report on the effectiveness of risk management controls
- Independently manage and successfully complete multiple audits as the auditee, from preparation to closure
- Assist in reviewing security incidents and their potential impact on business operations
- Monitor vulnerabilities and assist IT teams with tracking vulnerability management remediation

What We Are Looking For:
- Education: Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field. Master's degree is a plus.
- Experience: 3-5 years in IT risk management/governance or information security with a heavy focus on IT compliance.
- Heavy exposure to business processes, providing IT compliance advisory services to the business.
- Proven track record in IT risk assessments and mitigation actions.
- Demonstrated ability to independently manage multiple IT audits end-to-end as the auditee.
- Technical Knowledge: Strong understanding of IT governance frameworks (e.g., COBIT, ITIL) and risk assessment methodologies (e.g., FAIR, OCTAVE, NIST RMF).
- Compliance Expertise: Must have experience with multiple compliance frameworks, including ISO 27001 and CMMC. Familiarity with GDPR, HIPAA, PCI DSS, TISAX, DFARS-252.204-2017, FedRAMP and SOX is highly desirable.
- Tools and Technologies: Proficiency in risk management and GRC (Governance, Risk, and Compliance) platforms.
- Business Acumen: Understanding of business processes and their intersection with IT systems.
- Project Management experience is a plus!

Key Competencies:
- Excellent communication and presentation skills, including the ability to explain complex technical concepts to non-technical stakeholders.
- Proven ability to manage and successfully complete audits independently, demonstrating strong organizational and documentation skills.
- Strong analytical and critical thinking abilities.
- Adaptability to keep up with evolving compliance & regulatory changes, security threats, and technologies.
- Collaboration skills and ability to work in cross-functional teams.
- Effective time management, especially during busy ISO and other audit cycles.
- Strong ethical behavior and commitment to maintaining confidentiality.
- Experience working with publicly traded companies and/or firms under multiple certifications is highly valued.

Preferred Qualifications:
- The ideal candidate is one who has worked in lockstep with various business units from an IT Risk advisory perspective.
- Candidates who have been auditees and handled end-to-end ISO 27001 audits from inception to closure.
- Relevant certifications (e.g., CRISC, CISM, CISSP, CISA, RMP)
- Experience with cloud security compliance and emerging technologies
- Knowledge of IoT and AI/ML security implications

What’s In It For You:
At Arrow, we recognize that financial rewards and great benefits are important aspects of an ideal job. That’s why we offer competitive financial compensation, including various compensation plans, and a solid benefits package.
- Remote work!
- Medical, Dental, Vision Insurance
- 401k, With Matching Contributions
- Paid Time Off (including sick, holiday, vacation, etc.)
- Health Savings Account (HSA)/Health Reimbursement Account (HRA) Options
- Growth Opportunities
- Short-Term/Long-Term Disability Insurance
- And more!

Annual Hiring Range/Hourly Rate: $70,300.00 - $100,089.00
Location: US-GA-Alpharetta, Georgia (Morris Rd)
Time Type: Full time
Job Category: Information Technology
Actual compensation offer to candidate may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level. The pay ratio between base pay and target incentive (if applicable) will be finalized at offer.
EEO Statement:
Arrow is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, gender, age, sexual orientation, gender identity, national origin, veteran or disability status. (Arrow EEO/AAP policy)
We anticipate this requisition will be open for a minimum of five days, though it may be open for a longer period of time. We encourage your prompt application.