Senior IT GRC Analyst

Remote Office Remote Office Texas 99999

Why Valmont

We're Here to Move the World Forward.

Valmont impacts millions of people around the world every day, yet they might not realize the many ways. Our technology is helping feed the growing population, supplying the world with more reliable energy and access to renewables, enhancing connectivity in remote and urban locations to create a sustainable future and so much more. Simply put, Valmont is advancing agricultural productivity and reimagining vital infrastructure to make life better.

Join a Fortune 1000 company that respects hard work, honors diversity and invests in our employees as we focus on creating the world of tomorrow, today. We are the modern workforce. Are you ready to move the world forward? Apply now.

A Brief Summary of This Position:

This Individual Contributor position assists with and participates in the planning, design, implementation, operation, and maintenance of IT Governance, Risk & Compliance (GRC) program intended to support Business Continuity, IT Policies and Standards and IT Risk Management and Assurance goals. Assist with the configuration of the OneTrust Privacy, Risk, Policy and Procedure management modules for continuous implementation, maintenance and coverage of the IT control and privacy landscape. Automate repeatable processes supporting the GRC program functions, activities and processes. Lead action teams with Value Stream Owners (VSOs) and asset owners across multiple IT disciplines to design, develop, implement and deploy control processes and documented policies and procedures using the OneTrust risk catalogue or to remediate internal and external audit exceptions. It is essential to embody Valmont's core values of Passion, Integrity, Continuous Improvement, and Delivering Results while cultivating a workplace where employees feel valued, trusted, understood, and respected.

Essential Functions:

• This position reports into Manager IT Governance, Risk & Compliance and has no direct or indirect reports.
• This role requires up to 10% travel (international and domestic) with overnight stays.
• Support the development and maintenance of the Information Technology GRC program spanning all IT disciplines including control review processes, processing and formatting data from multiple information systems, scripting and automation for repeatable processes, development of database queries and reporting, compliance monitoring attributes and establishing protocols for sources of data.
• IT Risk Management: Maintains Risk inventory to track identified IT issues and risks; including risk acceptances or risk remediation plans that address each risk. Provides governance, oversight and reporting on issues and risks.
• Business Continuity / Disaster Recovery: Develops, implements, maintains, and tests the Corporate Business Continuity program. Identifies, documents, and tests the business requirements for uptime against the infrastructure capabilities in order to implement appropriate recovery strategies and identify gaps/risks.
• Lead collaboration efforts with IT value stream owners to define and implement effective control activities, processes and standards and document supporting policies and procedures.
• Develop and implement automated formatting and loading processes with multiple data inputs for assets, entities, data fields, and data associations supporting the maintenance of the enterprise data privacy program.
• Consultation and assistance to IT Risk & Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.) as appropriate.
• Lead the planning, scoping, execution, and documentation of risk management activities in areas associated with technology and technology-related risks (e.g., cybersecurity).
• Collaborate and educate Risk & Control Owners on all relevant requirements for self-assessment and compliance reviews.
• Provide actionable, technical advice to software engineers to address and treat identified risks (including for cloud environments).
• Work with internal teams to understand their business processes, how they manage risks, respond / advise on their compliance needs and concerns and remediate new and outstanding issues.
• Identify, validate, and assess security risks; develop, socialize, and guide engineering teams through risk treatment plans.
• Collaborate across teams fostering engagement and building relationships - while acting as an analyst and compliance advisor.

Required Qualifications of Every Candidate (Education, Experience, Knowledge, Skills and Abilities):

• Preferred Bachelor's degree with 6+ years relevant experience or Associate's degree with 8+ years relevant experience or 10+ years relevant experience.
• Possess an understanding of security management and/or information risk and compliance processes and industry frameworks (ISO27001, NIST, COBIT).
• Experience performing cyber security risk assessment, business impact analysis, planning and reporting.
• Possesses foundational understanding of Risk Management concepts and principles.
• Experience developing, implementing and deploying IT risk management processes.
• Knowledge of the policies, procedures and processes that govern an IT organization.
• Possesses foundational understanding of IT Concepts and principles.
• Strong computer skills, including proficiency with MS Office suite, scripting technologies, database structures, advanced Excel macros, data reformatting from multiple sources, GRC tools, OneTrust, AuditBoard, MS SharePoint, OS365, Power Aps and Power BI.
• Must be available for U.S. and international time zone meetings.
• Flexible/remote schedule however must be able to work in the office on occasion.
• Travel up to 10% (domestic and international) including overnight stays.
• High level of initiative and self-motivation.
• Excellent written and verbal communication skills.
• Problem-solving, critical thinking and analytical ability.
• Ability to work independently and as a part of a team in a fast-paced, dynamic environment.

Highly Qualified Candidates Will Also Possess These Qualifications:

• Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Systems, or related field.
• 6+ years of experience in information security risk and compliance with a broad knowledge of network, desktop and distributed server hardware and software solutions.
• Strong ability for self-understanding and translation of technological components for applications, databases, operating systems, utilities, tools and interfaces via vendor administration manuals.
• Demonstrated analytical and problem-solving skills.
• Strong understanding of application information security structures and administrative user interfaces that are adaptable to multiple business application systems.

Working Environment and Physical Efforts:

Work is typically performed in an office setting. The incumbent is regularly required to sit for extended periods of time, as well as talk and listen on the phone and in personal conversations or meetings. Environment is fast paced and demanding most of the time. Travel requirements are up to 10% for this position. The employee frequently is required to use hands to finger, handle, or feel and reach with hands and arms while working in the office with various files and forms and while working on the computer. The employee is occasionally required to move about the office. Incumbent must utilize proper ergonomic safeguards such as monitor height and positions, keyboard location and height and proper wrists rests. The employee must occasionally lift and/or move up to 15 pounds in working with large files, binders, and computer equipment. Specific vision abilities required by this job include close vision, distance vision, peripheral vision, and depth perception.

Benefits

Valmont offers employees and their families a comprehensive Total Wellbeing benefit package to ensure their individual and family's overall wellness needs are met. Some offerings are dependent upon the role, work schedule, or location and can include the following:

• Healthcare (medical, prescription drugs, dental and vision)
• 401k retirement plan with company match
• Paid time off
• Employer paid life insurance
• Employer paid short-term and long-term disability including maternity leave
• Work Life Support
• Tuition Reimbursement up to $5,250 per year
• Voluntary programs like tobacco cessation, Type 2 diabetes reversal, one-on-one health coaching, mortgage services and more

Valmont does not discriminate against any employee or applicant in employment opportunities or practices on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, veteran status, disability or any other characteristic protected by law. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

If you have a disability and require any assistance in filling out the application for employment email [email protected].