Governance, Risk and Compliance Analyst Job Description
Starting CompensationAnnual Salary: $79,700.00 - $103,500.00 (Amount based on office location, relevant experience, skills, and competencies)
If you are wondering why you should work for us, here is something to help you decide:
Pay and Bonuses: Earn a competitive salary. All employees are eligible for uncapped commission or annual bonus incentives.
Career Progression: Grow at MCM with paid training and development programs – including our very own MCM Academy – as well as a promote-from-within philosophy.
Reward and Recognition: We are committed to honoring great results – ranging from informal accolades to formal company-wide awards and prizes like all-inclusive vacations.
Tuition Assistance: Pursue a degree or coursework related to your current role, or the role you are striving for.
Healthcare Insurance: Take advantage of comprehensive healthcare plans and options to ensure your continued health, plus fitness membership reimbursements, weight watchers, our wellness rewards Program and more.
Volunteering Opportunities: Enjoy up to eight hours of paid time off each year to volunteer. We also offer volunteer grants and matching financial donations, up to US$ 2,500 per employee annually.
Retirement Savings: Build a strong financial foundation and reach your goals for the future. With all the effort you invest in us, we’re proud to invest in you.
New Family Support: Celebrate your new arrival with company paid leave, new parent flex time, and child back-up care options.
Team-building: Enjoy experiences that inspire bonds with your colleagues through a wide range of company-sponsored team-building events, such as holiday celebrations and department outings.
Work-Life Balance: Enjoy paid and floating holidays, as well as generous paid-time-off.
Our compensation and benefits programs were created with an 'Employee-First Approach' focused on supporting, developing, and recognizing YOU. We offer a wide array of wellness and mental health initiatives, support volunteerism, and environmental efforts, encourage employee education through leadership training, skill-building, and tuition reimbursements, and always strive to provide promotion opportunities from within.
The GRC Analyst provides expertise in the areas of Information Security policy creation and development, security awareness training, cybersecurity risk management, security compliance frameworks, and governance of an enterprise security program. The ideal candidate has the ability to coalesce data from multiple inputs and provide recommendations on effective risk mitigation initiatives.
- Develop and support information governance policies and processes in collaboration with business and technical teams that are aligned with business goals
- Support information classification and processes for regulatory audits and efficiency improvements in collaboration with stakeholders.
- Driving adoption of standards and proven data governance mechanisms and extend to data collection, data processing, data analytics, data privacy and data retention processes.
- Partner with the business by gaining a deeper understanding of their needs and by providing solutions that meet their goals and objectives
- Communicate effectively and actively seek alignment with business expectations
- Act as a liaison and conduit for information flow between the IT organization and the business
- Identify project issues and risks and develop risk mitigation plan to address
- Ensure adherence to established company and PMO processes, including governance processes. Assist with the enhancement and reporting of key performance and risk indicators related to the information security program
- Partner with Risk & Compliance teams to perform annual risk assessments and drive risk treatment activities
- Prepare and deliver information security training, education, and awareness activities appropriate for campus audiences.
- Evaluate the effectiveness of existing information security training, education, and awareness program/activities. Collaborate with information security technical experts as needed to augment or further develop role-based information security training, education, and awareness activities.
- Coordinate and perform monthly global email phishing simulations
- Maintain knowledge of FTC Safeguards, PCI, SOX, ISO27001 and NIST Cybersecurity frameworks and ensures organizational compliance
- Perform other duties, as assigned
- 2+ years of experience in information security
- Experience using with Auditboard and other GRC tools a plus
- Experience maintaining control environment documentation and working with internal/external auditors
- Knowledge and experience applying Cyber Security policy development best practices, strategies, and procedures
- Understanding of Risk Management Framework (RMF), Information Security, and Security Policy
- Working knowledge of ISO 27001 and PCI DSS
- Ability to work in a matrix team environment, actively and effectively managing relationships with customers, build and release managers, technical teams, product development, project managers, and other application managers
- Excellent problem solving and analytical skills
- Excellent oral and written communication skills
- Strong organizational and time management skills, including the ability to prioritize responsibilities.
- Understanding of data privacy laws and regulations a plus
- Security Certification such as Security+, CISSP, CISM desirable
We are more than a specialty finance company providing debt recovery solutions for consumers. We are a global team of over 4,000 employees whose daily mission is to empower consumers to begin their path towards financial recovery and build a better life for themselves and their families. We know that the only way to support this mission is by hiring exceptional people who bring a diversity of ideas, a collaborative spirit, and a passion for attaining breakthrough results. If you are results-driven, have a passion for helping others, and thrive in an innovative environment, this might be the right place for you!
Encore Capital Group and all of its subsidiaries are proud to be an equal opportunity employer and value diversity at our company. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application and/or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation at Talent@mcmcg.com.