I'm looking for Governance Risk Compliance Analyst III roles in Palm Harbor, Florida. I have 6 years of experience, need to work onsite, and prefer positions that allow me to utilize my knowledge of NIST frameworks.

Okay, I've searched for Governance Risk Compliance Analyst III roles in Palm Harbor, Florida, with a requirement of 6 years of experience, onsite work, and experience with NIST frameworks. I found 23 positions that match your criteria. You can check them out now.

Governance Risk Compliance Analyst III

Palm Harbor, FL

6 years + Experience

Onsite

NIST

Can you help me to analyze the job description and company culture?

Sure. Here's the analysis:

Job Analysis:

The Governance Risk Compliance Analyst III at Geographic Solutions, Inc. (GSI) is fundamentally tasked with ensuring the organization's risk posture aligns with various information security frameworks while managing a dynamic workload within a growing department. The core responsibilities include collecting evidence to assess existing controls, participating in audits, and acting as a Subject Matter Expert (SME). This role requires not only technical proficiency in risk management tools and frameworks like NIST and FedRAMP but also emphasizes the importance of project management and communication skills. The ability to weigh competing priorities in a fast-paced environment is essential; thus, candidates must exhibit strong organization and adaptability. Success in this role is defined by the capacity to effectively collaborate with stakeholders, maintain compliance with evolving frameworks, and contribute significantly to the development of risk mitigation strategies within the first 6–12 months.

Company Analysis:

Geographic Solutions, Inc. operates within the education technology landscape and is recognized for its pioneering efforts in providing online education and corporate training solutions in Brazil. In an industry characterized by rapid technological advancements and changing regulatory landscapes, the company's position as a front-runner creates a significant demand for strong governance, risk, and compliance practices. The company's culture appears to prioritize innovation and flexibility, aligning with the fast-paced nature of the role. Positioning this analyst within the Governance, Risk, and Compliance team indicates that they will need to navigate interdepartmental relationships, providing visibility and influencing decisions at various organizational levels. This hire is likely intended to stabilize and enhance GSI's risk management capabilities, making it essential for the candidate to not only fulfill their technical obligations but also contribute to a culture of continuous improvement and proactive risk assessment.

Mock up some interview questions based on the job description.

Absolutely. Here are some mock interview questions that could come up:

Behavioral Questions:
1. Tell me about a time when you had to manage competing priorities and how you ensured that all tasks were completed effectively.
1. Can you describe a situation where you acted as a Subject Matter Expert (SME) for a team, and how you facilitated collaboration among different stakeholders?
1. Share an example of a challenging audit you've participated in. What was your role, and what was the outcome?
1. Describe an instance where you identified a gap in compliance or security. What steps did you take to address it?
Technical/Role-Specific Questions:
1. How would you approach conducting a risk assessment for a new project that aligns with NIST standards?
1. What strategies do you use to keep up with changes in information security frameworks?
1. Can you elaborate on your experience with project management tools in the context of risk and compliance activities?
1. How do you organize and communicate complex risk information to non-technical stakeholders?
Situational Questions:
1. Imagine you are presented with new information that suggests an existing control is not effective. How would you handle this situation?
1. If a key internal stakeholder is resistant to adopting a new risk management policy, how would you approach the conversation?
Company Fit/Motivation Questions:
1. Why are you interested in working at Geographic Solutions, and how do you think your background aligns with our mission?
1. In your view, what are the biggest challenges facing the education technology sector regarding risk and compliance today, and how would you adapt to them?
Questions for the Candidate to Ask the Interviewer:
1. What is the most significant challenge the Governance Risk Compliance team currently faces?
1. Can you elaborate on how the company supports continuous learning and development for its employees?
1. What does success look like for the Governance Risk Compliance Analyst III role in the first year?

Job Details

Overview Company

Governance Risk Compliance Analyst III

ID Projetos Educacionais

2 months ago

Highlight

OnsiteFull-time6+ yearsSenior

Summary

ID Projetos Educacionais is seeking a Governance Risk Compliance Analyst III to join their team in Palm Harbor, FL. The role involves managing the risk posture of the organization and ensuring alignment with information security frameworks.

About the Role

As a Governance Risk Compliance Analyst III, you will be responsible for analyzing the risk posture of Geographic Solutions, Inc (GSI) by collecting evidence, measuring existing controls, and monitoring processes for alignment. You will participate in meetings, act as a Subject Matter Expert, develop and maintain policies and procedures, and conduct information security controls gap assessments. You will also manage project plans, update NIST Policy Documentation, and support GRC automation.

About You

Required:

Willingness to work onsite at GSI's headquarters in Palm Harbor, Florida daily.
Ability to provide Subject Matter Expertise in NIST-800, NIST-CSF, HiTRUST, FedRAMP, and StateRAMP within the first year.
Experience in conducting and participating in audits.
Capability to manage competing priorities and demanding timelines.
Technical writing and project management skills.
Highly organized with the ability to create and conduct risk assessments.

Preferred:

Certified Risk and Information Systems Control – CRISC.
Certified in Governance of Enterprise IT - CGEIT.
Project Management Institute – Risk Management Professional - PMI-RMP.
Information Technology infrastructure Library Expert – ITIL Expert.
Certification in Risk Management Assurance – CRMA.
GRC Professional – GRCP.
GRC Audit Certification – GRCA.
Integrated Policy Management Professional – IPMP.
Project Management Professional – PMP.
Integrated Data Privacy Professional - IDPP.
Integrated Governance and Oversight Professional - IGOP.
Integrated Compliance and Ethics Professional - ICEP.
Integrated Security and Continuity Professional - ISCP.
Integrated Strategy and Performance Professional - ISPP.
Integrated Audit and Assurance Professional – IAAP.
CySA+ – Cyber Security Analyst.
CISSP, CRM, CRA, CISM, or equivalent.

ID Projetos Educacionais

ID Projetos Educacionais foi uma empresa pioneira no Brasil nas áreas de educação por internet e educação corporativa.

Palm Harbor, FL