Dynamo Software is a leading global FinTech Research and Portfolio Management SaaS provider offering an industry-tailored, highly configurable SaaS platform solving challenges across the alternative investment landscape. For more than 20 years, the Dynamo™ platform has improved the productivity of fundraising, deal, research, investor servicing, portfolio management, and compliance teams worldwide. Collectively, Dynamo’s 1,000 clients manage over $5 trillion in assets. Backed by the largest Private Equity firms in the world – Blackstone Growth and Francisco Partners, Dynamo is seeking to grow our team based on rapidly increasing demand for our financial technology solutions.
The responsibility of the GRC Analyst is to help support the day to day assurance operations related to policy compliance, process and organizational policies and security requirements governance, as well as risk management functions. You will assist with the collection of data from multiple systems to allow for proper reporting of the Information Security program effectiveness.
You will engage business personnel to ensure all requisite data and information is complete, accurate, and consistently delivered. You will use your experience and knowledge of security in working with a team to deliver on Governance, Risk and Compliance goals related to developing the complete perspective for operational and management visibility of overall compliance to the Information Security program, policies, and practices.
Your daily life:
- Implement the enterprise-wide strategy and key initiatives/projects focused on the reduction of technology risk
- Assist in the execution of departmental plans, including business, production and/or organizational priorities and contribute to the Governance, Risk and Compliance functional strategy
- Work with IT and business teams to perform security and compliance assessments on new and existing systems, processes, and technology
- Collaborate to define Information Security requirements and develop / update associated policies
- Support internal and external audit processes for relevant compliance concerns
- Participate in disaster recovery and business continuity planning and exercises, as appropriate
- Perform periodic gap assessments to validate compliance on an ongoing basis
What you bring:
- 4 years of relevant experience in the Information Security field.
- Bachelor’s degree in Information Systems, Cybersecurity, or a related field
- GRC related certifications are preferred
- Experience with information security, cyber security, and privacy issues and awareness of regulated data environments (e.g. PCI, SOX, FERPA, HIPAA, and COPPA) a plus
- Possess strong technical security skills and comprehension of security and risk
- Familiarity with eGRC tools such as such as ServiceNowGRC, RSA Archer, Kenna, RSAM, etc.
- Knowledge and experience with diverse IT architectures and enterprise IT data centers, large-scale transaction processing environments, external hosted services and cloud computing environments.
- Experience working with security management tools (e.g., vulnerability scanners, file integrity monitoring, configuration monitoring, etc.) and perimeter technologies (e.g., router, firewalls, web proxies and intrusion prevention, etc.)
- Knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines (e.g. CIS Baselines, NIST, vendor security technical implementation guides, etc.)
What we offer:
- The ability to have an IMPACT. Good ideas come from everyone in our organization and we are agile enough to embrace new ideas and directions
- The opportunity to gain knowledge and experience in the rapidly growing financial services and alternative assets industry
- A very attractive work culture in an established technology company – we take pride in our work and people
- A flexible work environment with opportunities for remote/ hybrid work or flexible hours
- Excellent health insurance program for you and your family