This job posting is no longer active.
Are you an information risk management professional with a sound understanding of risk and compliance who can think outside the box?
Does the thought of taking a company into the Industry 4.0 revolution get you excited?
Do you want to take that excitement and knowledge and work for a world-class organization?
Then apply today at Ashley Furniture – the World’s Largest Furniture Manufacturer!
Our Information Risk Management team combines a highly skilled workforce and incredible computer optimization to create one of the most agile operations in the industry!
Information Risk Management PCI/GRC Security Analyst
What Will You Do?
The PCI/GRC Analyst will perform critical functions supporting and maturing Ashley’s risk and compliance team, and overall security posture.
Under the guidance of the GRC Director, the PCI/GRC Analyst will work cross-functionally with business units and with system and software development teams to ensure continued compliance and successful alignment with business objectives and initiatives.
Assists with internal auditing, conducts threat and risk assessments, and audits policies and standards, identifying and/or bridging gaps. Will contribute to tactical decisions and resolution of complex technical or strategic problems.
- With minimal supervision from the GRC Director and cybersecurity leadership, will assess compliance factors with applicable security controls and AFI’s current risk posture
- Collaborates with business units to define acceptable security postures, test plans and compliance criteria
- Will support the development and implementation of common security controls with assistance from the cybersecurity and information security team members
- Contributes to, or develops, security standards and processes under limited guidance
- Effectively identifies and escalates risks and issues as appropriate
- Responsible for managing the risk register and GRC automated solutions
- Assist in the development and completion of security education, training and awareness
- Demonstrate the Company’s Core and Growth Values in the performance of all job functions.
What Do You Need?
- 3-5 years of experience working with, and knowledge of, PCI:DSS, the NIST RMF and/or CSF, ISO 27xxx, ITIL, COBIT
- Degree in Information Security, Computer Science, Information Technology or a related field, or 4 years of related work experience
- Two professional certifications, e.g., CRISC, CISM, CISA, CISSP, CSSLP, CSP, CAP
- 3-5 years of experience implementing risk management, cyber security frameworks, and compliance with at least two of the following: PCI:DSS, COBIT, NIST 800-XX, ISO 27XXX, ITIL, CCPA
- Solid working knowledge and understanding of information security, GRC, risk management, mitigation, and remediation strategies
- Experience establishing and managing risk registers and GRC automated solutions
- Technical writing and strong project management skills
- Possesses basic understanding of the retail or manufacturing industry
- Work independently as well as in a team environment
- Handle multiple projects simultaneously within established time constraints
- Perform under strong demands in a fast-paced environment
- Work professionally with customers and co-workers to efficiently serve our customers, treating both with enthusiasm and respect
- Display empathy, understanding and patience with employees
- Respond professionally in situations with difficult employee issues or inquiries.
Who Are We?
- We offer competitive pay and excellent benefits.
- We are a multibillion-dollar company and the world’s largest furniture manufacturer.
- Growth-Focused is one of our core values, and we are dedicated to helping you grow with us through training, mentoring, and coaching as well as investing in the latest design tools, production equipment and new technologies.
- Environmental efforts are a priority as we continually seek to recycle, reuse and replenish every day.
- Millions of dollars are contributed annually to local and national charities as we seek to improve the lives of people around the world.
- We are an equal opportunity employer and provide a drug-free working environment.
- While Ashley appreciates the interest of all candidates, only those meeting specific position requirements may be contacted. Principals Only.