Jobs for People with MS: National MS Society

At GAF, we cover more than buildings. We cover each other. No matter what role, tenure, or track, under this roof you are empowered to be there for your teammates, your customers, and especially your community. Under this roof, we don’t back down from hard work– we support one another in pursuit of something bigger. We define the future while leading the present. And under this roof, we own our opportunities. Becoming the market leader only happens when everyone feels they have the opportunity, and the support, to thrive. We are GAF. And under this roof, we protect what matters most.

Job Summary

GAF is seeking a Sr. Cybersecurity Risk Analyst to join the GAF Cybersecurity team. The analyst will be working on a variety of initiatives that support the team's efforts in security posture improvement and risk reduction. The successful candidate will have foundational knowledge in cybersecurity with substantive experience in at least two of the following domains: cybersecurity governance, risk assessment, cybersecurity architecture/engineering, vulnerability management, education & awareness.

Essential Duties

• Leading GAF’s Risk Management process including the identification of cybersecurity risks, assessing related business impacts and partnering with business and IT staff to develop appropriate risk responses and action plans

• Oversee the implementation and measurement of key security control measures including performing periodic control assessments

• Leading the team’s third party risk management process including conducting vendor risk assessments and reporting of risks

• Further refine control and audit mechanisms to monitor and maintain compliance with standards and associated controls.

• Working with various stakeholders to identify information asset owners to classify data and systems as part of an ongoing control framework implementation.

• The role is composed of a variety of activities, centered primarily around performing risk & control assessments, reviewing vendors and developing approaches to remediate and mitigate identified risks

• Additional responsibilities may be assigned depending upon the successful candidate’s skillset, career aspirations and needs of the organization

Under This Roof We Require

• Bachelor’s Degree in Computer Science, Information Systems, Cyber Security, or relevant technical degree Required

• 5+ years of experience in any combination of cybersecurity governance, risk assessment, cybersecurity architecture/engineering, vulnerability management, education & awareness

• Influence and negotiation skills to effectively partner with stakeholders across the organization in the development of action plans to remediate and mitigate risks

• Knowledge and understanding of information risk concepts and controls such as CIS Top 20.

Under This Roof We Also Value

• Excellent written and verbal communication skills

• The ability to interact comfortably with personnel across multiple organizations, build strong relationships at all levels and across all business units, and understand business imperatives

• Prior hands-on technical experience in one or more of the following areas is desirable: networking, server/cloud infrastructure, identity management, vulnerability management

Technical Knowledge, Skills and Abilities

• Strong technical risk analysis skills with the ability to identify and understand cybersecurity deficiencies, the potential impact to GAF’s business and appropriate control measures

Qualifications Preferred

• Prior experience with UpGuard, AuditBoard, SAP GRC and ServiceNow desirable

• Prior experience with PCI compliance preferred

• An industry recognized Information Security accreditation such as CRISC, CISSP or CGEIT is preferred

How We Protect What Matters Most:

1. We offer a wide range of health insurance options that include medical, dental, and vision for you and your family. 2. Our Family-Building benefits support the many different journeys to fertility and parenthood. 3. Our robust 401K plan includes an employer match contribution with your pre-tax and/or Roth contributions. 4. Other exciting programs and perks are available to help employees achieve work-life balance, including (but not limited to) a wellness program, free financial coaching, a referral program, and product rebates when purchased for an employee’s primary residence. 5. Professional growth and development are very important to us! We offer internal training programs and courses, as well as a generous tuition reimbursement program. 6. We put diversity and inclusion into action with our Employee Resource Groups, which unite employees based on common perspectives, identities, demographic factors, or out of a desire to be an ally.

GAF complies with federal, state, and local disability laws and makes reasonable accommodations for applicants and employees with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact HR Services at 833-HR-XPERT.

We believe our employees are our greatest resource. We offer competitive salary, benefits, 401k, and vacation packages for all full time permanent positions. We are proud to be an equal opportunity workplace and GAF, Standard Logistics, SGI, and Siplast are proud to be affirmative action employers. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. If you have a disability or special need that requires accommodation, please let us know. If applying for positions in the U.S., must be eligible to work in the U.S. without need for employer sponsored visa (work permit).