Apex Tool Group is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status.

IT Risk Analyst - Apex, NC

The Blueprint (Role Profile)

We are looking for an IT Risk Analyst who will play a key role in maturing our current and future global IT environment.

This is an exciting time to join Apex Tool Group and be an influential part of our Information Technology Team. Reporting to the Manager of IT Compliance, you will identify IT and data risks, design control responses, monitor mitigation efforts, and report activities to ensure the effectiveness of the Risk Management Program. You will work across multiple teams to help drive reductions in business-impacting IT risks and improve efficiency of data collection, testing, and reporting. You are expected to have experience with IT controls, cybersecurity assessments, and controlled document management.

The Build (Responsibilities)

• Perform continuous analysis and evaluation of cybersecurity and technology risks within a GRC application
• Assist in documenting operations and IT functions that may require risk mitigation assistance
• Develop, implement, and enhance IT controls in alignment with the ATG Cybersecurity Program utilizing CIS, NIST and ISO frameworks
• Oversee project implementations related to achieving compliance and improving overall security of our operating environment
• Review action plans and remediation evidence to provide feedback necessary to close findings
• Work closely with the Cybersecurity Team to develop and approve policy exception requests
• Assist in managing the third-party risk management process, including vendor assessment requests and performing risk analysis of third parties
• Develop corrective action plans driven by continuous assessment, vulnerability scans, incidents, and penetration tests
• Manage the controlled document repository to ensure polices and procedures are reviewed and approved in a timely manner

The Toolbox (Qualification)

• 3+ years of relevant experience managing risk or compliance
• Bachelor's Degree in a technical field (or 5 years of relevant experience in lieu of degree)
• Understanding of risk management functions within a GRC application
• Familiarity with NIST 800-171 and ISO 27001
• Security+, CRISC, or ISO27001 Lead Implementer certifications a plus
• Attention to detail and strong communication skills in both presentation and one-on-one environments
• Knowledge of third-party/vendor management lifecycle
• Demonstrated understanding of compliance documentation, including System Security Plans, Standard Operating Procedures, Plans of Actions and Milestones, Corrective Action Plans, and Configuration Management Plans
• Capable of leading process and systems walkthroughs as part of a risk assessment or audit
• Knowledge of, and experience with administrative, technical, and operational controls needed for compliance with a variety of different sources

At Apex Tool Group (www.apextoolgroup.com), we build innovation. Each day, our associates strive to find new and exciting ways to help our customers solve their most complex challenges. By harnessing our global resources, unprecedented insights and spirit for service, we build more than just tools for the jobsite - we help build the future.

ATG is a global manufacturer of hand and power tools, tool storage and accessories, chain, and electronic soldering solutions with more than $1.2 billion in annual revenues. Our 6,700 associates around the world have built powerhouse brands like GEARWRENCH, SATA, Crescent, Cleco, Weller and APEX. Our brands are trusted by the professional trades and DIY enthusiasts alike. With our roots dating back to the 1800's, our tools have driven technological advancements that drive efficiency, speed and safety for customers in a broad range of commercial and consumer markets.

As part of the ATG team, you will move fast, think globally, learn from your colleagues and grow your career. You'll enjoy competitive benefits, a healthy work/life balance and have opportunities to give back to the communities we serve.

Our six core values - Customers Come First, Integrity in All We Do, Continuous Improvement, Innovation for Growth, Passion to Succeed and Best Talent, One Team - drive our daily decisions. Connect with us on social media to learn more - Facebook, Instagram, LinkedIn and Twitter.

If your goal is to work where finding a better way never ends and your ideas become reality, join us and say #WeBuildATG!