IT Risk Management and Compliance Analyst
Company The Lubrizol Corporation
Location Wickliffe, OH
Preferred GIAC Certifications GSNA, GISF, GISP, GSEC
Travel 5%
Salary Not provided
Contact Name Tina Machovina
Contact Email tina.machovina/at/
Expires 2023-05-08

Job Description

Lubrizol is currently looking for an IT Risk Management and Compliance Analyst to join our cybersecurity team. In this role, you will be a key resource in the development and continuous improvement of all aspects of the company’s global Information Security program. In this role, you will play a key role in identifying and facilitating the elimination or mitigation of risks throughout the global environment. You will also partner with technical teams, advising both on applicable control requirements and potential solutions to address them. Also, you will participate in measuring and reporting compliance with IT policies and standards, ensuring risk management processes are effective and efficient as well as recommend and implement enhancements to the program. This position will be based out of our Global Headquarters in Wickliffe, OH, following a hybrid working model.

What you need:
GSNA, GISF, GISP, or GSEC preferred
Bachelor’s degree in Information Technology (IT) or related field, or equivalent relevant experience
Minimum of 3 years of relevant industry and professional experience (e.g., risk management, audit, third party risk, operational risk, information security, etc.)
Practical knowledge of third-party risk management, IT risk assessments, operational processes, or applicable techniques for implementation of regulatory requirements
Basic understanding of security domains including identity, access, authentication, encryption, application security, network security, vulnerability and patch management, information security metrics, policies, standards and procedures, etc.
Experience with ISO and NIST security standards
Microsoft Windows-based operating systems and collaboration tools
Demonstrated understanding of risk management processes
Knowledge of basic IT security, networking, active directory, etc
Knowledge of risk management frameworks
Ability to resolve issues via undocumented methods via research and investigation
Experience in documenting issues and solutions to assist end user/co-worker understanding

If interested, please review the job posting and apply today!