Information security GRC

Job Description

<p><strong>Responsibilities</strong></p><ul><li>Conduct technical risk assessments and collaborate/communicate in a simple, clear, and concise manner to the various communities within our organization.</li><li>Develop the required Information Security controls and policies to support the organization’s governance and compliance objectives.</li><li>Assist with analysis and documentation of audit remediation actions related to Information Security.</li><li>Drive the development of use cases and business requirements in close partnership with cross-functional stakeholders (GRC, Security, Privacy, Audit, Compliance, etc.) to fulfill all applicable solution needs.</li><li>Employ business analysis and solution skills to interpret business requirements/impacts to ensure the optimal tooling strategies are identified, designed and implemented to meet business needs.</li><li>Maintains a deep knowledge of risk mitigation principles and techniques of the international risk and security standards to manage compliance with such standards and regulations including ISO 27001, ISO 27005, NIST, PCI/DSS, and more other frameworks.</li><li>Performs and investigates internal and external information security risk and exceptions assessments.</li></ul><p><br></p><p><strong>Qualifications</strong></p><ul><li>Bachelor’s degree in computer science or equivalent.</li><li>Must have 2+ years of experience in GRC Strong knowledge in user awareness programs Strong knowledge in program development Strong knowledge in compliance and regulatory standards CBE standards NIST standards ISO Standards PCI-DSS.</li></ul><p></p>