Job Summary:

Contributes to the maintenance of the Company’s cybersecurity Governance, Risk, and Compliance program (GRC). The GRC Analyst I plays a role in assessing technology-related risks and ensuring compliance with relevant regulations, policies, standards, and controls designed to protect the organization’s information assets.

Primary Job Responsibilities

Policies/Standards/Controls:

+ Monitors compliance with cybersecurity control framework.

+ Maintains cybersecurity policies, standards, and guidelines.

+ Communicates policies to relevant stakeholders.

Security Awareness:

+ With guidance, develops security awareness training programs and materials.

+ Plans and executes cybersecurity awareness events and communication campaigns.

+ Organizes and delivers training sessions to employees on security policies and best practices.

+ Monitors and reports on the effectiveness of security awareness initiatives.

Cyber Risk Management:

+ Assists with the collection, analysis, and presentation of cybersecurity program performance metrics and key risk indicators (KRIs).

+ With guidance, conducts regular assessments of cyber risks within applications, platforms, and processes.

+ Documents and monitors mitigation strategies and risk management plans.

+ Actively participates in third-party risk management by assessing the security posture of external vendors and partners.

PCI, SOX, and Privacy Compliance:

+ Supports cross-functional teams in the implementation of regulatory and PCI-DSS controls.

+ Processes privacy-related data subject access requests.

+ Monitors compliance and reports effectiveness.

+ Performs periodic gap assessments to validate compliance.

+ Assists in managing action plans in response to audit discoveries.

Management Responsibilities

+ Not applicable

Scope

+ Decision Impact: Individual

+ Department Responsibility: Single

+ Budgetary Responsibility: No

+ Direct Reports: No

+ Indirect Reports: No

+ Physical Requirements: Not applicable

Required Education/Experience

+ Minimum Bachelor's Degree in Cybersecurity or related field or a combination of related education and work experience in an Information Security role to equal 4 years.

+ Minimum of 2 years experience in Cybersecurity or technical risk analysis.

Required Knowledge/Skillsets

+ Exceptional written and verbal communication skills that can be adjusted to relevant audiences.

+ Analytic and problem-solving skills.

+ Working knowledge of cybersecurity control frameworks (NIST CSF preferred), PCDI-DSS, and SOX.

PulteGroup, Inc. and its affiliates do not accept unsolicited resumes from individual recruiters or third party recruiting agencies (collectively, “Recruiters”) in response to job postings. If Recruiters nevertheless submit one or more unsolicited resumes to any employee at PulteGroup, Inc. or its affiliates without a valid written agreement in place for this position, it will be deemed the sole property of PulteGroup, Inc. and its affiliates. No fee will be owing or paid to Recruiters who submit unsolicited candidates, in the event the candidate is hired by PulteGroup, Inc. or its affiliates as a result of the referral, without a written agreement between PulteGroup, Inc. and through any means other than via our Applicant Tracking System.

We are an equal opportunity employer (http://www.eeoc.gov/sites/default/files/migrated\_files/employers/poster\_screen\_reader\_optimized.pdf) and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law. We will provide a reasonable accommodation to a qualified applicant with a disability that will enable the individual to have an equal opportunity to participate in the application process and to be considered for a job.

This Organization Participates in e-Verify (https://www.e-verify.gov/sites/default/files/everify/posters/EVerifyParticipationPoster.pdf)

Pulte Homes of Minnesota is an equal employment opportunity/affirmative action employer.

California Privacy Policy (https://www.pulte.com/legal/privacy-policy)