Job Description Insight Global is llooking for an experienced Cybersecurity specialist to serve as Security Analyst Cybersecurity GRC for one of our major retail clients. This role will work collaboratively with the Cybersecurity GRC team to expand and enhance the maturity of our risk due diligence program to protect the confidentiality, integrity and availability of our technology assets and data and support our global growth initiatives. A day in the life: As the Security Analyst Cybersecurity GRC, you will work with the team to facilitate and coordinate the internal risk due diligence program, which is a cross-functional, formal review process that identifies and mitigates potential security risk associated with data and technology engagements. This role will support the Risk Due Diligence Program Manager with the tactical execution requirements through the following core responsibilities:  Facilitate and perform Security Risk Assessments for all new technology projects or changes in existing technology implementations  Identify potential risks, threats, vulnerabilities, or security gaps through security risk assessments and communicate specific security requirements and/or risk mitigation strategies to the business/technology stakeholders  Document, communicate, and track action items from security reviews to ensure they have been actioned to closure  Collaborate with the Risk Due Diligence and Technology Risk Management teams to define and implement a process to evaluate that projects as built meet the security requirements identified and communicated through the security review process  Work with multiple cybersecurity teams to define and implement standard implementation security requirements checklists for low risk, repetitive types of projects and initiatives  Review and assess intake requests for AI tools and technologies to ensure security and data risks are identified, documented, and mitigated  Support the Risk Due Diligence team with ongoing ServiceNow ticket intakes, prioritization of reviews, and management of open backlog items  Be an ambassador for the governance, risk and compliance security practice throughout the organization We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com .     To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ . Skills and Requirements 3+ years experience in a cybersecurity function, preferably in a GRC, security engineering, or security architecture role  Bachelors degree with focus on information technology, cybersecurity or technology audit preferred  Experience with cybersecurity risk and compliance frameworks and practices (e.g. NIST-CSF, NIST-AI RMF, COBIT, ISO27001, Data Privacy regulations and frameworks)  Expertise in cybersecurity risk and security management practices and processes, particularly in technology domains such as infrastructure and operations, application development, cloud computing  Understanding of emerging AI/LLM technologies and related security risks  Experience and passion for technical security risk identification and mitigation  Ability to interact effectively with technical security stakeholders as well as non-technical business stakeholders to communicate and inform concepts pertaining to security risk  Familiarity with ServiceNow GRC/IRM systems Professional certification such as CISA, CISSP, CRISC, Security+, CDPSE is a plus null We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.