Replicon

Company Summary

As the recognized global standard for project-based businesses, Deltek delivers software and information solutions to help organizations achieve their purpose. Our market leadership stems from the work of our diverse employees who are united by a passion for learning, growing and making a difference. At Deltek, we take immense pride in creating a balanced, values-driven environment, where every employee feels included and empowered to do their best work. Our employees put our core values into action daily, creating a one-of-a-kind culture that has been recognized globally. Thanks to our incredible team, Deltek has been named one of America's Best Midsize Employers by Forbes, a Best Place to Work by Glassdoor, a Top Workplace by The Washington Post and a Best Place to Work in Asia by World HRD Congress. www.deltek.com

Auto req ID

10372BR

External Job Title

Senior GRC Analyst

Position Responsibilities

Summary:

This role specializes in access reviews, evaluating privileged accounts and security tools to ensure compliance with organizational policies and regulatory requirements. Collaboration with various departments is key in this role. You will provide guidance on access management best practices, following Zero Trust methodology, and ensure the timely completion of the access review process. Additionally, you will maintain documentation, prepare reports for senior management, and support audits related to access controls. Effective communication and analytical skills are essential.

This role also involves providing information security risk management and compliance expertise for the entire enterprise and product portfolio. You will work with a team to protect the company brand, reputation, and information assets. The Senior GRC Analyst reports to the GRC Access Review Team Lead and is responsible for maturing services provided by the GRC team.

Responsibilities:

• Perform quarterly privileged access reviews for various cloud and IT environments.
• Execute tasks assigned during the annual full user access reviews for Deltek.
• Maintain and mature GRC services as a primary or backup service owner (e.g., Access Reviews, Policy Management, Risk Management, Customer Security Due Diligence, Business Continuity Planning, etc.).
• Track assigned information security risks through the Risk Management process.
• Provide subject matter expertise related to NIST 800-53, FedRAMP, CMMC, ISO27001, PCI DSS, SOC 1, SOC 2, and other information security regulations.
• Perform data quality reviews for GRC process measurement.
• Collaborate with Deltek technical and business professionals to determine appropriate risk treatment decisions and plans.
• Utilize governance, risk, and compliance (GRC) tools to manage external authoritative sources, IT controls, corporate policies and procedures, vendor management system, and risk management workflows.
• Facilitate gathering, reviewing, and assembling internal and external audit evidence.
• Support projects to enhance Deltek compliance capabilities.
• Maintain proficiency with applicable laws, regulations, and standards.
• Participate in internal risk and compliance meetings as a subject matter expert.
• Draft and maintain compliance documents (e.g., policies, standards, procedures, etc.).
• Coordinate the adoption of information security best practices throughout the enterprise.

Work Location

Philippines, Makati City

Qualifications

Qualifications:

• B.S. degree (Information Security, Computer Science, MIS, or equivalent program preferred)
• Minimum 3 years of combined experience in Information security, compliance, technology audit, or a related field.
• Experience with NIST SP 800-53, ISO 27001, PCI DSS, or SOC 1/2.
• Strong written and verbal communication skills.
• Experience working in a collaborative team environment.

Preferences:

• Familiarity with Zero Trust access review practices including device posture management.
• CISSP, CISA, or other related information security certification desired.
• FedRAMP, NIST 800-171, CSA CCM, CIS Security Framework experience desired.
• Experience with software development in a cloud environment desired.

Travel Requirements

No

Applicant Privacy Notice

Deltek is committed to the protection and promotion of your privacy. In connection with your application for employment with us at Deltek, it is necessary for us to collect, store and use information about you (“Personal Data”) to administer and evaluate your application. We are the “controller” of the Personal Data you provide us and will process any such Personal Data in accordance with applicable law and the statements contained in this Employment Candidate Privacy Notice. Additionally, we have not sold and do not sell Personal Data you provide to us through the job application process.

Business Summary

Deltek's Global Information Security team has a passion for simplifying the delivery of information security in a complex industry. As part of our dynamic team, you will help deliver creative security services to continuously improve the first-rate protection of Deltek’s Information Assets. Join us as we create innovative solutions to further security as a differentiator for Deltek.