
Lead Compliance Analyst, Information Security (GRC)

 

Logistics at full potential. 

 

At GXO, we’re constantly looking for talented individuals at all levels, who can deliver the caliber of service our company requires. You know that a positive work environment creates happy employees, which boosts productivity and dedication. On our team, you’ll have the support to excel at work, and the resources to build a career you can be proud of.

 

As the Lead Analyst Compliance, Information Security, you will be responsible for managing the governance of our information security program. On our team, you’ll have the support to excel at work and the resources to build a rewarding career.

 

Pay, benefits and more.

We are eager to attract the best, so we offer competitive compensation and a generous benefits package, including full health insurance (medical, dental and vision), 401(k), life insurance, disability and more.

 

What you’ll do on a typical day:

  • Work with Business Infrastructure and Operations teams and with internal and external auditors to lead the company through ISO/IEC 20000, 27001, CMMC and SOC2 audits annually
  • Perform annual planning, procedure and policy updates, evidence collection and any remediation activities to assure a successful outcome of the annual audit process
  • Provide technical design recommendations to address audit and compliance narratives in partnership with technology SMEs and leadership
  • Work with other members of the Information Security Governance Team to analyze and audit processes, implementations, policy adherence and other information sources to evaluate compliance with multiple regulatory standards and risk management objectives
  • Serve as SME for governance, risk and compliance, including policies, program management and executive reporting
  • Support third party risk management program with vendors, partners and clients from attestation to integration
  • Partner with Sales to respond to information security questionnaires and meet with potential clients
  • Present current security and audit posture to support the sales cycle and audit objectives
  • Monitor and work with control owners to ensure the security of systems and data, including that credential audits and system monitoring activities adhere to appropriate standardized procedures
  • Participate in implementing, executing, and testing information security processes; use observation and initiative to identify potential security vulnerabilities and risks

What you need to succeed at GXO:

At a minimum, you’ll need:

  • Bachelor’s degree or equivalent related work or military experience
  • 4 years of experience in information security or a related field
  • Experience in managing / auditing an ISO27001 framework / environment
  • Strong data analysis skills, including experience with querying, analysis and reporting

It would be great if you also have:

  • 6 years of experience in information security or a related field
  • 3 years of experience in managing / auditing an ISO27001 framework / environment
  • Professional certification in the information security field (e.g., CISSP, CISA, CISM)
  • Training or certification in ISO/IEC 20000 or 27001
  • Technical background in systems administration/networking
  • Work experience with well-known risk management / reporting tools (Archer, MetricStream, OneTrust, etc.)
  • Knowledge of well-known information security frameworks (COBIT, ISO, NIST)

Be part of something big.

 

GXO is a leading provider of cutting-edge supply chain solutions to the most successful companies in the world. We help our customers manage their goods most efficiently using our technology and services. Our greatest strength is our global team – energetic, innovative people of all experience levels and talents who make GXO a great place to work.

 

We are proud to be an Equal Opportunity/Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, sex, disability, veteran or other protected status.


GXO adheres to CDC, OSHA and state and local requirements regarding COVID safety. All employees and visitors are expected to comply with GXO policies which are in place to safeguard our employees and customers.

 

All applicants who receive a conditional offer of employment may be required to take and pass a pre-employment drug test.

 

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. All employees may be required to perform duties outside of their normal responsibilities from time to time, as needed. Review GXO's candidate privacy statement here. 


Nearest Major Market: Charlotte

Job Segment: Information Security, Compliance, Law, Outside Sales, Technology, Security, Legal, Sales