Trinity Industries is searching for a talented team player to fill the role of Information Governance, Risk and Compliance Analyst in our Dallas, Texas HQ!
The Information Governance, Risk, and Compliance (GRC) Analyst supports one or more primary functions within the Information GRC (IGRC) organization. Reporting to the Sr. Director, IGRC within the Information Risk Management organization this individual is responsible for the day-to-day execution of core IGRC work activities and providing support to accomplish enterprise objectives in support of legal, regulatory, and information security requirements.
The primary job functions of this role include the facilitation of risk assessments and risk management functions, performance of and reporting on compliance evaluations, the creation and documentation of enterprise policies, processes, and standards, and enterprise document management. The secondary job functions of this role include eDiscovery support and records management support.
What you will do:
Assist with exception management activities related to enterprise policies and directives
Support risk assessment activities in vendor due diligence, third party risk management, and IT project operations
Document and communicate enterprise Information Risk Management policies, processes, procedures, standards, and requirements
Assist in preparing reports and summaries of IGRC program for executive review
Help establish and maintain enterprise document management systems
Stay informed of present and emerging regulatory concerns and information security trends
Help maintain enterprise information risk register and maturity assessments
Interface and interact with business leadership to include Legal, Compliance, IT, and Operations
Work in collaboration with the Cyber Defense Center to assess computer hardware, software, and systems for security risks or violations
Support strategies to address security awareness and training across a global enterprise including remote staff and geographically separated locations
What you'll need:
Bachelor's or equivalent and 2+ years' experience in IT field required,
Experience in GRC organizations is preferred
Experience with manufacturing or digital services is a plus
Relevant certifications (CISM, CISA, CISSP, or equivalent) are a plus but not required
Experience with technical editing desired
Excellent oral and written communication skills
Experience with multi-national/global enterprises is a plus
High personal integrity and confidentiality
High attention to detail
Familiarity with one or more of the following frameworks and regulations is a plus: