We are looking for a GRC Security Specialist to join us. In this critical role, you will be deploying common governance, risk, and compliance processes, controls, conducting audits, documenting, and ensuring that technologies and business operations are structured and configured for data protection and compliance.
Responsibilities:
Proactively protect the availability, integrity, and confidentiality of all customer and company data.
Directly responsible for policies, procedures, and controls to assure compliance with applicable regulatory, legal, and audit requirements as well as good business practices.
Develop a compliance strategy and approach, and ensure compliance with contractual requirements and globally recognized standards and guidelines.
Identify regulatory, legislative, and industry-specific compliance requirements and define controls that can be used to meet those requirements.
Act as a compliance officer and serve as the intake on compliance-related inquiries, and coordinate with subject matter experts.
Conduct periodic internal reviews or audits to ensure that compliance procedures are followed.
Conduct or direct the internal investigation of compliance issues.
Assess product, compliance, or operational risks and develop risk management strategies. Discuss emerging compliance issues with management or employees.
File appropriate compliance reports with regulatory agencies and disseminate written policies and procedures related to compliance activities.
Advise internal management or business partners on the implementation or operation of compliance programs.
Provide employee training on compliance-related topics, policies, or procedures.
Monitor compliance systems to ensure their effectiveness.
Prepare management reports regarding compliance operations and progress.
Keep informed regarding pending industry changes, trends, and best practices and assess the potential impact of these changes on organizational processes.
Design or implement improvements in communication, monitoring, or enforcement of compliance standards.
Develop an awareness program. Create and deliver awareness materials to all Employees.
Responsibilities:
Proactively protect the availability, integrity, and confidentiality of all customer and company data.
Directly responsible for policies, procedures, and controls to assure compliance with applicable regulatory, legal, and audit requirements as well as good business practices.
Develop a compliance strategy and approach, and ensure compliance with contractual requirements and globally recognized standards and guidelines.
Identify regulatory, legislative, and industry-specific compliance requirements and define controls that can be used to meet those requirements.
Act as a compliance officer and serve as the intake on compliance-related inquiries, and coordinate with subject matter experts.
Conduct periodic internal reviews or audits to ensure that compliance procedures are followed.
Conduct or direct the internal investigation of compliance issues.
Assess product, compliance, or operational risks and develop risk management strategies. Discuss emerging compliance issues with management or employees.
File appropriate compliance reports with regulatory agencies and disseminate written policies and procedures related to compliance activities.
Advise internal management or business partners on the implementation or operation of compliance programs.
Provide employee training on compliance-related topics, policies, or procedures.
Monitor compliance systems to ensure their effectiveness.
Prepare management reports regarding compliance operations and progress.
Keep informed regarding pending industry changes, trends, and best practices and assess the potential impact of these changes on organizational processes.
Design or implement improvements in communication, monitoring, or enforcement of compliance standards.
Develop an awareness program. Create and deliver awareness materials to all Employees.
Requirements:
At least 3+ years of hands-on experience in Governance, Risk, and Compliance.
Demonstrated knowledge of authoritative industry sources such as FedRAMP, PCI DSS, SOC2, ISO standards, etc.
Experience with software development and QA life cycle. SaaS experience preferred.
Knowledge of complex application, network, host, and virtual system operations.
Ability to relate business requirements and risks to policy and technology implementation.
Expert-level knowledge of risk assessment and remediation methodology, processes, and procedures.
Ability to manage projects and implementations across organizations.
Ability to effectively interface with technical staff, senior management, and customers.
Strong project management experience.
At least 3+ years of hands-on experience in Governance, Risk, and Compliance.
Demonstrated knowledge of authoritative industry sources such as FedRAMP, PCI DSS, SOC2, ISO standards, etc.
Experience with software development and QA life cycle. SaaS experience preferred.
Knowledge of complex application, network, host, and virtual system operations.
Ability to relate business requirements and risks to policy and technology implementation.
Expert-level knowledge of risk assessment and remediation methodology, processes, and procedures.
Ability to manage projects and implementations across organizations.
Ability to effectively interface with technical staff, senior management, and customers.
Strong project management experience.
This position is open to all candidates.
