✦ Luna Orbit — Cybersecurity

IT Security Analyst

at Commercial Metals

📍 Irving, TX, US, 75039
Onsite
Posted March 29, 2026
Type Full-Time
Experience mid
Exp. Years 2+ years
Education Bachelor's degree in Computer Science, Information Technology, or related field. Advanced degree or professional certifications (e.g., CISSP, CISM, CRISC) preferred.
Category Cybersecurity

IT Security Analyst responsible for IT security governance, risk management, audits, and compliance at CMC. Conduct internal IT security audits, support SOX, review SOC reports, and manage risk with GRC tools; provide policy guidance and incident response.

  • Internal IT security audits and guidance to IT teams
  • SOX auditing and remediation coordination
  • SOC 1 and SOC 2 reports review
  • Third-party vendor security assessments
  • Policy development and maintenance

Focus on ISO 27001, NIST CSF, GDPR; use GRC tools to automate governance and evidence collection; coordinate audit evidence with internal teams; monitor compliance metrics and report to leadership.

The ideal candidate is a mid-level IT security professional with 2+ years in governance and risk management, deep knowledge of ISO 27001, NIST CSF, and GDPR, and hands-on experience with IT security audits and GRC tools. They should communicate effectively with stakeholders and drive remediation and compliance initiatives.

  • 2 years IT security governance, risk management, or related fields
  • Strong understanding of IT security principles, standards, and frameworks (ISO 27001, NIST Cybersecurity Framework, GDPR)
  • Experience with IT security assessments, audits, and risk assessments
  • Experience with IT Security/GRC tools and automation technologies
  • Ability to communicate with non-technical stakeholders
  • Policy development and maintenance
  • Incident response participation
  • Vendor relationship management

mission-critical 24x7 IT security environments experience, global cross-functional collaboration
GRC tools
IT security governance, risk management, ISO 27001, NIST Cybersecurity Framework, GDPR, SOX auditing, SOC 1, SOC 2, GRC tools, security assessments, audits, internal IT security audits, policy development, incident response, vendor management, compliance reporting
analytical thinking, critical thinking, communication, collaboration, stakeholder management, training & awareness, problem-solving

Preferred

CISSP, CISM, CRISC
Industry Manufacturing
Job Function Oversee IT security governance, risk management, audits, and policy compliance.
Role Subtype GRC Analyst
Tech Domains Cybersecurity, Governance, Risk and Compliance, Incident response, Auditing, Vendor management, ISO 27001, NIST Cybersecurity Framework, GDPR

Less than 2 years in IT security governance or related field, No experience with IT security assessments/audits, Lack of ability to communicate with stakeholders, No bachelor's degree
