Lead CyberSecurity GRC Analyst

at  LogicMonitor

ABOUT US:

We love going to work and think you should too. Our team is dedicated to trust, customer obsession, agility, and striving to be better everyday. These values serve as the foundation of our culture, guiding our actions and driving us towards excellence. We foster a culture of performance and recognition, allowing us to transform growth as we enable our employees to do the best work of their careers.
This position is located in Austin, TX, based in the vibrant San Jacinto Center downtown with breathtaking views of Lady Bird Lake. We call our offices Centers of Energy, because they serve as hubs where we accelerate productivity and collaboration, inspire creativity, and cultivate a culture of connection and celebration. Our teams coordinate their time in Centers of Energy to reflect how they work best.
LogicMonitor is proud to be an equal opportunity employer. We deeply care about our employees’ well-being, fostering an environment where every individual is valued and respected. We celebrate the diversity of our team, and are committed to fostering a culture of inclusivity. Come as you are, be yourself, and let’s grow together.
To learn more about life at LogicMonitor, check out our Careers Page.

WHAT YOU’LL DO:

LM Envision, LogicMonitor’s leading hybrid observability platform powered by AI, helps modern enterprises gain operational visibility into and predictability across their IT stacks, so they can continue to deliver extraordinary employee and customer experiences. LogicMonitor has a layered approach to intelligence, where AI and Machine Learning is baked into every facet of the LM Envision platform to help IT teams improve efficiency, minimize alert fatigue, proactively predict trends, and maximize enterprise growth and transformation.
Our customers love LogicMonitor’s ability to bring cloud and traditional IT together into one view, as seen in minimal churn rates, expansion business, and exciting new customer references. In fact, LogicMonitor has received the highest Net Promoter Score of any IT Infrastructure Management provider. LogicMonitor also boasts high employee satisfaction. We have been certified as a Great Place To Work®, and named one of BuiltIn’s Best Places to Work for the sixth year in a row!
We are looking for a talented and experienced Lead CyberSecurity GRC Analyst. Join our InfoSec Team and play a pivotal role in driving the success of our Governance, Risk, and Compliance (GRC) program. As part of our compliance function, you will participate in certification efforts for national and international standards, with a special focus on our FedRAMP program. You will also be key in our cyber risk management function, regularly updating the risk register based on ongoing risk assessments and validation of control processes.
This role offers a wealth of interesting projects that will leverage your cybersecurity background, technical acumen, project management skills, and interpersonal communication abilities. If you’re ready to make a significant impact and advance your career in a dynamic and supportive environment, we want to hear from you.

HERE’S A CLOSER LOOK AT THIS KEY ROLE:

• Compliance: (Primary)
• Manage technical and non-technical FedRAMP security controls, ensuring their fulfillment.
• Oversight of non-conformity findings and corrections, including documentation and technical tasks.
• Risk management: (Secondary)
• Develop, implement, and drive the execution and continuous improvement of cybersecurity risk management framework, processes, procedures, and activities.
• Benchmark risk management processes, and dashboards with peer companies
• Ensure the risk management process continuously aligns with industry best practices and industry standards
• Perform security and compliance risk assessments across the organization to allow for effective identification and management of cybersecurity risks.
• Partner with teams across the organization to develop and monitor risk response plans, evaluate the effectiveness of risk mitigation strategies, track progress against plans, and validate the completion of those plans.
• Work with senior leadership to establish and improve integration of risk management process into strategic planning processes
• Define risk metrics and thresholds with risk owners to identify and drive additional action on cybersecurity risk.
• Cultivate strong working relationships with risk owners to ensure proper risk management program buy-in and accountability.
• Governance: (Tertiary)
• Provide IT system security consultation within cloud-based and on-premises environments in accordance with NIST SP 800-53, 800-37, ISO, and PCI.
• Assist with the development of System Security Plans, Continuous Monitoring, Plan of Action and Milestones, Security Controls Assessment, Risk Exposure analysis, and FIPS 199 categorization, all in accordance with NIST requirements.

What You’ll Need:

• 6+ years of experience in relevant GRC functions related to Compliance & Risk Management, preferably with cloud SaaS providers.
• 2+ years of Federal Government experience, preferably with FedRAMP.
• Knowledge of SOC 2, NIST 800-171, and NIST 800-53, with strong experience in compliance
• Excellent interpersonal and communication skills to establish strong working relationships with both technical and non-technical staff
• Proactive self-starter with the talent to think through technical solutions to potentially open-ended problems.