Analyst, Information Governance, Risk and Compliance
Trinity Industries is searching for a talented team player to fill the role of Information Governance, Risk and Compliance Analyst in our Dallas, Texas HQ!
The Information Governance, Risk, and Compliance (GRC) Analyst supports one or more primary functions within the Information GRC (IGRC) organization. Reporting to the Sr. Director, IGRC within the Information Risk Management organization this individual is responsible for the day-to-day execution of core IGRC work activities and providing support to accomplish enterprise objectives in support of legal, regulatory, and information security requirements.
The primary job functions of this role include the facilitation of risk assessments and risk management functions, performance of and reporting on compliance evaluations, the creation and documentation of enterprise policies, processes, and standards, and enterprise document management. The secondary job functions of this role include eDiscovery support and records management support.
What you will do:
- Assist with exception management activities related to enterprise policies and directives
- Support risk assessment activities in vendor due diligence, third party risk management, and IT project operations
- Document and communicate enterprise Information Risk Management policies, processes, procedures, standards, and requirements
- Assist in preparing reports and summaries of IGRC program for executive review
- Help establish and maintain enterprise document management systems
- Stay informed of present and emerging regulatory concerns and information security trends
- Help maintain enterprise information risk register and maturity assessments
- Interface and interact with business leadership to include Legal, Compliance, IT, and Operations
- Work in collaboration with the Cyber Defense Center to assess computer hardware, software, and systems for security risks or violations
- Support strategies to address security awareness and training across a global enterprise including remote staff and geographically separated locations
What you’ll need:
- Bachelor’s or equivalent and 2+ years’ experience in IT field required,
- Experience in GRC organizations is preferred
- Experience with manufacturing or digital services is a plus
- Relevant certifications (CISM, CISA, CISSP, or equivalent) are a plus but not required
- Experience with technical editing desired
- Excellent oral and written communication skills
- Experience with multi-national/global enterprises is a plus
- High personal integrity and confidentiality
- High attention to detail
- Familiarity with one or more of the following frameworks and regulations is a plus:
o NIST CSF
o NIST RMF
o SOX
o GDPR
o HIPAA
o PCI-DSS
o COBIT
o ITIL
EOE
Trinity Industries, Inc., and its subsidiary or affiliated companies (hereinafter “Trinity”) are committed to equal employment opportunity. It is our policy to consider candidates for employment without regard to race, color, sex, sexual orientation, gender identity, religion, age, national origin, disability, or veteran status.
View the following posters by clicking the links below:
Pay Transparency Nondiscrimination Provision
Know Your Rights: Workplace Discrimination is Illegal
Trinity participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.
View the following poster by clicking the link below:
Trinity is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to trinityrecruiting@trin.net. This email address should only be used for accommodations and not general inquiries or resume submittals.