Manage information security policy, standards, procedures and organize and triage update requests with content owners and stakeholders; drive annual reviews and ad hoc updates.
Work across security teams and the business driving common approaches to risk and requirement analysis.
Work with stakeholders to resolve issues and exceptions in a timely manner.
Identify and mitigate high-priority risks, reducing risk exposure to the organization.
Identify opportunities to streamline and optimize policy, risk, control, and issues and exceptions processes, reducing manual effort and improving efficiency.
Communicate technical findings and resolutions to non-technical stakeholders effectively, resulting in high stakeholder satisfaction.
Proactively identify areas of improvement within Cyber GRC and lead efforts to address and remediate.
Develop and provide training and communications to stakeholders on risk and control processes
Perform other duties within the scope of GRC

Requirements

Bachelor's degree in Computer Science, Information Security, or a related field is required
5-10 years of experience in a security-related role, with experience in issue and exception management, risk assessment, and compliance.
Strong technical knowledge and understanding of security concepts, including risk management and compliance.
Relevant certifications such as CISSP, CISM, or CRISC are preferred.
Practical experience with requirements and controls from regulatory requirements such as SOC1/SOC2, CSA-CCM, ISO27001/27002/27031, GDPR, PCI-DSS and frameworks such as NIST Risk 800-34, NIST 800-53, etc.
Understanding of key technologies such as operating systems, networks, application development, databases, virtualization, and cloud infrastructures.
Proven track record of successfully collaborating with cross-functional teams to achieve business objectives.
Ability to build rapport and maintain relationships across functions within the company, with external vendors, and with governmental teams.
Ability to think strategically about risks and tie those risks to tactical organizational activities.
Program and project management experience in scoping, work break-down, critical path analysis, resourcing, managing time and cost estimates, project risks, and quality.

Benefits

Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

risk managementcomplianceissue managementexception managementrisk assessmentsecurity conceptsprogram managementproject managementcontrol processestraining development

Soft skills

communicationcollaborationrelationship buildingstrategic thinkingproblem solvingstakeholder satisfactionorganizational skillsleadershipefficiency improvementcross-functional teamwork

Certifications

CISSPCISMCRISC