Senior Information Security Control Validation Analyst

Columbia Sportswear View all jobs

Bangalore, Karnataka
Permanent
Full-time

10 hours ago

.ABOUT THE POSITIONAlthough we're an apparel and footwear-focused company, technology is central to everything we do. Columbia Sportswear’s Digital Technology (CDT) organization enables IT infrastructure and applications across four global brands, a global supply chain, and 500+ geographically dispersed stores. These teams support in-store, mobile, and data platforms to enhance customer interface and service in an ever-evolving industry.We are seeking a detail-oriented and technically proficient Senior GRC Analyst to join our Information Security team, with a focus on validating and testing security controls across the enterprise. This role is ideal for professionals with 5–8 years of experience in GRC, IT audit, or cybersecurity operations who are passionate about ensuring the effectiveness of security controls and driving continuous improvement.HOW YOU’LL MAKE A DIFFERENCE

Plan and execute control validation and testing activities across various domains (e.g., access management, vulnerability management, incident response, data protection).
Mentor junior analysts, providing guidance on control validation methodologies and best practices.
Provide subject matter expertise regarding information security control validation to the CDT organization and its business partners
Document findings and work with stakeholders to develop remediation recommendations
Develop and enhance control testing methodologies, procedures, and reporting mechanisms
Prepare risk reports and dashboards for management and governance committees.
Contribute to the maturity of the GRC program through automation, metrics, and process improvements.

YOU ARE

Detail-Oriented & Methodical: You approach control testing with precision and a strong understanding of risk implications.
Self-Motivated and Curious: You are driven to understand the "why", you thoughtfully investigate complex issues and ask probing question
Problem Solver: You bring a solutions-oriented mindset to identifying and remediating control deficiencies.
Structured and Reliable: Whether alone or collaborating, you guide the successful completion of both projects and day-to-day activities.
Enterprise Focused: You aren’t a siloed thinker, but consider business impacts across regions, functions, and technologies.
Relationship Driven: You build rapport and support your team and colleagues across functions
Savvy and Effective Communicator: Whether in writing or verbally, you can clearly explain technical concepts and risks to colleagues without excessive jargon.

YOU HAVE

Bachelor’s degree in a technical field such as cybersecurity or business information systems
Security certifications such as CISSP, CISA, CRISC, Sec+, or CC preferred.
Minimum 5 years’ experience in GRC, IT audit, or information security within mid-size to large corporate environment
Strong understanding of cybersecurity frameworks such as NIST CSF or ISO 27001
Strong PC and systems skills with aptitude for learning technical subjects.

#LI-SA1#HybridThis job description is not meant to be an all-inclusive list of duties and responsibilities, but constitutes a general definition of the position's scope and function in the company.

Columbia Sportswear

Apply Now