GRC Analyst at PulteGroup

Atlanta, Georgia, United States

Apply Now

Not SpecifiedCompensation

Mid-level (3 to 4 years)Experience Level

Full TimeJob Type

UnknownVisa

Homebuilding, Real Estate, ConstructionIndustries

Requirements

Ability to work independently on larger, moderately complex projects/assignments
Experience assessing technology-related risks and ensuring compliance with regulations, policies, standards, and controls
Capability to provide guidance to less experienced GRC Analysts
Ability to lead process improvement efforts within the Information Security team
Career Level P2: Works to achieve day-to-day objectives with moderate impact on the area; sets objectives for own area

Responsibilities

Develops and maintains cybersecurity policies, standards, and guidelines
Implements and monitors compliance with cybersecurity control framework
Ensures policies are up-to-date and align with industry best practices, regulatory requirements, and cyber frameworks
Communicates policies to relevant stakeholders
Independently develops security awareness training programs and materials
Plans and executes cybersecurity awareness events and communication campaigns
Develops, organizes, and delivers training sessions to employees on security policies and best practices
Monitors and reports on the effectiveness of security awareness initiatives
Collects, analyzes, and presents cybersecurity program performance metrics and key risk indicators (KRIs)
Independently conducts regular assessments of cyber risks within applications, platforms, and processes
Identifies risks and develops mitigation strategies and risk management plans
Manages third-party risk by assessing the security posture of external vendors and partners, implementing risk mitigation measures, and fostering secure third-party relationships
Ensures appropriate design and operating effectiveness of regulatory and PCI-DSS controls
Manages privacy-related data subject access requests
Monitors compliance and reports effectiveness
Independently performs periodic gap assessments to validate compliance
Monitors regulatory environment and performs impact assessments
Partners with auditors and manages action plans in response to audit discoveries
Performs other duties as assigned

Skills

Key technologies and capabilities for this role

GRCCybersecurityRisk AssessmentComplianceInformation SecurityRegulatory CompliancePoliciesStandardsControlsProcess Improvement

Questions & Answers

Common questions about this position

What is the employment type for the GRC Analyst position?

The position is full-time.

Is this a remote position or does it require working from an office?

This information is not specified in the job description.

What key skills are required for the GRC Analyst role?

The role requires skills in developing and maintaining cybersecurity policies, standards, and controls; conducting cyber risk assessments and developing mitigation strategies; and creating security awareness training programs.

What is the company culture like at PulteGroup?

PulteGroup fosters a culture that values employee ideas, champions inclusion, celebrates diversity, empowers team members to thrive, and supports personal and professional growth within a Fortune 500 company recognized as a Great Place to Work.

What makes a strong candidate for the GRC Analyst position?

Strong candidates have experience independently leading cybersecurity initiatives, such as developing policies, conducting risk assessments, creating awareness training, and providing guidance to junior analysts while driving process improvements.