Cybersecurity GRC Analyst

Date: Sep 7, 2024

Location:

Milwaukee, WI, US, 53204-2941

Req ID: 30120

Onsite or Remote:

Komatsu is an indispensable partner to the construction, mining, forestry, forklift, and industrial machinery markets, maximizing value for customers through innovative solutions. With a diverse line of products supported by our advanced IoT technologies, regional distribution channels, and a global service network, we tap into the power of data and technology to enhance safety and productivity while optimizing performance. Komatsu supports a myriad of markets, including housing, infrastructure, water, pipeline, minerals, automobile, aerospace, electronics and medical, through its many brands and subsidiaries, including TimberPro, Joy, P&H, Montabert, Modular Mining Systems, Hensley Industries, NTC, and Gigaphoton.

Job Overview

We have a newly created opportunity for a Cybersecurity GRC Analyst to join our IT Team. This role in working on-site and can be based out of our headquarters office in Milwaukee, WI or Chicago, IL. In this role you will have responsibility for being the primary point of contact for cybersecurity awareness communication, fostering relationships with cybersecurity awareness ambassadors globally, developing/updating IT Cybersecurity Control documents, Phishing simulation development, analyzing cybersecurity data to drive compliance, implementing and enforcing data security controls to comply with the data governance program, and providing support for eDiscovery, forensics and Insider Risk program. You will work closely with all levels of the organization for cybersecurity awareness communications and education.

Key Job Responsibilities

Develop and publish effective cybersecurity awareness communication materials to educate employees on current risks and threats
Coordinate the translations of all awareness content with global cybersecurity awareness ambassadors
Organize initiatives, coordinate and participate in cybersecurity awareness events
Build positive relationships with other operating units and technical leadership to understand their cyber risks and develop appropriate educational materials
Collaborate with marketing professionals to produce branded awareness materials
Assist in communication of strategies or messages from senior leadership
Analyze cybersecurity compliance data and develop metric frameworks to measure the effectiveness of the program
Create and launch monthly phishing testing globally
Managing Vulnerability Management Tool
Create new and update existing cybersecurity IT control documentation
Develop and rollout Insider Risk Program
Assist with ediscovery and forensic requirements as needed

Qualifications/Requirements

Bachelor’s Degree in Computer Science, Information Systems, other related fields.
2+ years of experience in security awareness or security operations.
Strong understanding of security fundamentals and general security technologies
Excellent communication, interpersonal skills, especially the translation of cybersecurity concepts to all levels of the business
Ability to maintain security control documentation
Experience with industry recognized phishing simulation tools
Strong understanding of email header analysis to look for indicators of phishing

Additional Information

Komatsu is an Equal Opportunity Workplace and an Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.