If you believe in making a difference, then Sentry is the company for you! As a member of a multi-billion-dollar organization, you will have the opportunity to make a direct and immediate impact on our business and customers.
As a Governance, Risk & Compliance analyst, you will be a key player in Sentry’s information security risk management efforts, working to safeguard our customers and operations. Harness your technical insight and communication skills by participating in risk assessments, testing security controls and processes against threats and industry best practices to confirm adherence to security and compliance requirements.
This position can be filled as a Governance, Risk & Compliance Analyst or a Senior Governance, Risk & Compliance Analyst based on the qualifications and experience of the selected candidate.

WHAT YOU’LL DO

As a Governance, Risk & Compliance Analyst, you will:

• Conduct security risk assessments to identify concerns and ensure compliance with Sentry’s security documents by gathering data, analyzing effectiveness of controls, collaborating with internal and external parties, and evaluating risk magnitude.
• Support our business and legal counsel in negotiating contracts that protect security and privacy.
• Provide documentation and recommendations to Information Security, Information Technology, and/or business stakeholders to ensure audit results, risk findings, and action items are understood. Track remediation of identified security and compliance gaps to ensure corrections are implemented and sustainable.
• Perform security testing using GRC platforms and other analysis tools to evaluate the design and effectiveness of key controls.
• Study emerging security trends, issues, and regulations to understand the impact on the information security program. Participate in ongoing governance of the information security policies and standards to ensure associates are complying with documented security requirements and applicable laws.
• Coordinate the review and approval of security exception requests to document practices that differ from information security policies, standards, and requirements due to business or technological constraints.
• Review and understand fundamental regulations and frameworks related to cybersecurity.

Additionally, you will:

• Collaborate with Sentry’s corporate learning team, assist with creating and distributing security training and awareness materials to internal associates and participates in delivery of the information security awareness program.
• Participate in the research and development of security initiatives and provide security governance recommendations to management regarding the initiatives.
• Perform other job-related duties as assigned from time to time.