Deltek

Position Responsibilities

Summary:

This role specializes in access reviews, evaluating privileged accounts and security tools to ensure compliance with organizational policies and regulatory requirements. Collaboration with various departments is key in this role. You will provide guidance on access management best practices, following Zero Trust methodology, and ensure the timely completion of the access review process. Additionally, you will maintain documentation, prepare reports for senior management, and support audits related to access controls. Effective communication and analytical skills are essential.

This role also involves providing information security risk management and compliance expertise for the entire enterprise and product portfolio. You will work with a team to protect the company brand, reputation, and information assets. The Senior GRC Analyst reports to the GRC Access Review Team Lead and is responsible for maturing services provided by the GRC team.

Responsibilities:

• Perform quarterly privileged access reviews for various cloud and IT environments.
• Execute tasks assigned during the annual full user access reviews for Deltek.
• Maintain and mature GRC services as a primary or backup service owner (e.g., Access Reviews, Policy Management, Risk Management, Customer Security Due Diligence, Business Continuity Planning, etc.).
• Track assigned information security risks through the Risk Management process.
• Provide subject matter expertise related to NIST 800-53, FedRAMP, CMMC, ISO27001, PCI DSS, SOC 1, SOC 2, and other information security regulations.
• Perform data quality reviews for GRC process measurement.
• Collaborate with Deltek technical and business professionals to determine appropriate risk treatment decisions and plans.
• Utilize governance, risk, and compliance (GRC) tools to manage external authoritative sources, IT controls, corporate policies and procedures, vendor management system, and risk management workflows.
• Facilitate gathering, reviewing, and assembling internal and external audit evidence.
• Support projects to enhance Deltek compliance capabilities.
• Maintain proficiency with applicable laws, regulations, and standards.
• Participate in internal risk and compliance meetings as a subject matter expert.
• Draft and maintain compliance documents (e.g., policies, standards, procedures, etc.).
• Coordinate the adoption of information security best practices throughout the enterprise.

,

Qualifications

Qualifications:

• B.S. degree (Information Security, Computer Science, MIS, or equivalent program preferred)
• Minimum 3 years of combined experience in Information security, compliance, technology audit, or a related field.
• Experience with NIST SP 800-53, ISO 27001, PCI DSS, or SOC 1/2.
• Strong written and verbal communication skills.
• Experience working in a collaborative team environment.

Preferences:

• Familiarity with Zero Trust access review practices including device posture management.
• CISSP, CISA, or other related information security certification desired.
• FedRAMP, NIST 800-171, CSA CCM, CIS Security Framework experience desired.
• Experience with software development in a cloud environment desired.