I am...

POSITION SUMMARY:

​

The Governance, Risk, and Compliance (GRC) Analyst will play a critical role in our Information Security department. This position is responsible for documenting and tracking the status of our cybersecurity posture against the NIST Cybersecurity Framework and other regulatory controls. The GRC Analyst will also prioritize areas for improvement and drive advancements in those areas to ensure our organization remains compliant and continually improves in prediction/response to threat and regulatory landscapes.

• Documentation and Tracking:
• Document and maintain records of compliance with the NIST Cybersecurity Framework and other relevant regulatory controls.
• Track the status of compliance initiatives and report on progress to senior management.
• Risk Assessment and Management:
• Conduct regular risk assessments to identify vulnerabilities and areas of non-compliance.
• Develop and implement risk mitigation strategies to address identified vulnerabilities.
• Collaborate with Technology teams to address vulnerabilities by priority.
• Compliance Monitoring:
• Monitor compliance with industry regulations and internal policies.
• Prepare for and facilitate internal and external audits related to information security.
• Improvement Prioritization:
• Identify and prioritize areas for improvement within the information security program.
• Develop and execute plans to address these areas, ensuring continuous improvement in our security posture.
• Collaboration and Communication:
• Work closely with various departments to ensure compliance with security policies and procedures.
• Communicate effectively with stakeholders to promote a culture of security awareness and compliance.
• Support Internal and external audit teams for evidence of compliance and tracking remediation of any findings.
• Reporting:
• Generate regular reports on the status of compliance and risk management activities.
• Present findings and recommendations to senior leadership.
• Other duties as assigned.

MINIMUM ESSENTIAL QUALIFICATIONS:

​

• Bachelor's degree or equivalent years of experience in Information Security, Computer Science, Information Technology, or a related field.
• Proven experience within an information security role.
• Knowledge of cybersecurity principles, practices, and technologies.
• Familiarity with security frameworks and standards (e.g., NIST, ISO 27001).
• Good understanding of networking protocols, systems, and applications.
• Regular and reliable attendance.

​

PREFERRED QUALIFICATIONS:

​

• Industry certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or CompTIA Security+.
• Experience with Governance Risk & Compliance (GRC) platforms.
• Familiarity with cloud security principles and practices.
• Working knowledge of vulnerability assessment tools.
• Excellent communication and collaboration skills.
• Ability to stay current with the evolving cybersecurity landscape.

EQUAL EMPLOYMENT OPPORTUNITY:

​

Targa Resources provides equal employment opportunities based on merit, experience, and other work-related criteria and without regard to race, color, ethnicity, religion, national origin, sex, age, pregnancy, disability, veteran status, or any other status protected by applicable law. We also strive to provide reasonable accommodation to employees' beliefs and practices that do not conflict with Targa's policies and applicable law. We value the unique contributions that every employee brings to their role with Targa.

IVIONICS Cybersecurity Technical Lead Role

​

Are you a security-focused, business-minded individual looking to build your career? If so, we've got an exciting opportunity for you. We are IVIONICS, a growing technology organization in search of a talented Cybersecurity Technical Lead to join our team. If you're ready to advance your career and be a part of our future success story, keep reading.

​

IVIONICS is seeking a highly skilled Cybersecurity Technical Leader to join our team. The ideal candidate will possess advanced expertise across a wide range of cybersecurity disciplines including securing and servicing different infrastructures (Azure, Intune, VMware, etc.), various patching of devices and software, and understanding various security frameworks. This role involves working closely with clients to review and enhance their security posture, ensuring alignment with industry standards.

​

Why Choose Us?

​

• Career Advancement. We're not just offering a job; we're offering a career. Join us, and you'll have opportunities to advance yourself in the constantly growing technology sector.
• A Flourishing Work Environment. At IVIONICS, we believe in fostering a positive workplace culture. We value collaboration, professional growth, and relationship-building both in/out of the office.
• Work-Life Balance. We understand that your personal life is important. We offer flexible scheduling options to ensure you can manage your professional and personal life effectively.
• Professional Development. If you're willing to invest, then so are we. At IVIONICS, you'll have access to ongoing training and development resources to continue enhancing your skills.
• Competitive Compensation. We recognize your hard work and want to reward you for it. In addition to a competitive salary, all employees are eligible for a comprehensive suite of additional benefits including: medical/dental/vision, retirement plans, paid-time off, and more.

• Vulnerability Remediation: Utilize advanced PowerShell scripting to remediate security vulnerabilities.
• Patching and Protecting: Oversee the patching and protection of systems, including Citrix, VMware, routers, and switches.
• Client Engagement: Review vulnerability reports with clients and provide actionable insights.
• Security Policy Review: Collaborate with clients to review and update security policies in reference to frameworks such as SOC 2, CIS, and CMMC.
• Baseline Hardening: Create and enforce hardened baselines based on security frameworks (e.g., CIS, NIST 800-53) using Intune and AD GPO.
• Cloud Security: Secure and develop secure processes for Azure and Intune.
• Patch Management: Oversee patching to ensure systems are up to date and secure.
• SIEM and SOC Services: Understand and manage SIEM and SOC services to monitor and respond to security incidents effectively.

Required Qualifications:

• Proven experience in vulnerability remediation with advanced PowerShell scripting.
• Expertise in securing and servicing different infrastructures (Azure, Intune, VMware, routers, and switches).
• Strong understanding of security frameworks (SOC 2, CIS, NIST, CMMC, etc.).
• Experience in creating hardened baselines using Intune and AD GPO.
• Familiarity with patch management.
• Excellent communication skills, with the ability to engage effectively with clients.
• Knowledge of Blue team and Red team operations.
• Ability to problem solve and multi-task effectively.
• Ability to interact effectively with all levels of management within the organization

​

Preferred Qualifications:

• Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+, CompTIA CySA+, CISA, GSEC, OSCP, CCSP, AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate).

IVIONICS is committed to being an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, ethnicity, age, disability, marital status, veteran status, or any other characteristic protected by law.

Company Description

​

Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.

​

Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.

• Lead Visa’s Cloud initiative and contribute to cloud platform architecture, strategy & roadmap and manage the adoption process.
• Responsible for intake and solutioning phase of new Cloud workloads in partnership with O&I, which includes translating the business requirements in technical requirements for the Cloud engineers and ensure cloud engineers understand what they need to build.
• Execute cloud security strategy to support Visa’s Hybrid & Multi-Cloud solutions across various providers.
• Responsible for security architecture for hybrid cloud and support design of cloud solutions meeting standardization, consolidation, security, and regulatory compliance, for different use cases.
• Design secure cloud-native platforms, core services, and security controls across multiple public and private cloud environments, including Azure, AWS, and GCP.
• Assess security and architecture of business applications as they migrate to public clouds.
• Coach and mentor team members and colleagues cross-functionally, including horizontal organizations.
• Research and evaluate emerging technologies as they become available.
• Design and automate dedicated products and services on top of the cloud landing platform.
• Work closely with the other cloud teams, O&I team and work pro-actively with products teams and business teams. Support the Cloud platforms in the US time-zone.
• Be an evangelist of Cloud computing.

Required Qualifications:

• 8+ years of relevant work experience with a Bachelor’s Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD, OR 11+ years of relevant work experience.

​

Preferred Qualifications:

• 9 or more years of relevant work experience with a Bachelor Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD.
• Deep technical expertise on public cloud environments like AWS, GCP, and Azure.
• Strong understanding of cloud computing and security principles and demonstrate proficiency in designing and implementing Zero Trust Architectures in a public cloud environment.
• Experience with building scalable cloud security solutions and presenting technical security content to a larger group and leadership.
• Proficient in automation programming, with experience in Python and Infrastructure as Code (IaC) tools such as Terraform.
• Ability to deliver results, work cross-functionally, influence audience in cloud transformation journey, with security as the paramount priority.
• Experience in cloud migration and transformation initiatives, inclusive of DevSecOps model, Infrastructure-as-a-Service (IaaS), and Platform-as-a-Service (PaaS) principles.
• Effective communication and interpersonal skills to collaborate with stakeholders across organization and provide guidance on cloud security architecture.
• Ability to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization.
• Familiarity with industry frameworks and regulatory standards, such as NIST, PCI, GDPR, and FFIEC.

Work Hours: Varies upon the needs of the department.

​

Travel Requirements: This position requires travel 5-10% of the time.

​

Mental/Physical Requirements: This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.

​

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

​

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.

​

U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 161,500.00 to 234,250.00 USD per year, which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401 (k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.