MassMutual Romania

Governance, Risk & Compliance Analyst

full-time

Location Type: Hybrid

Location: Bucharest • 🇷🇴 Romania


Job Level

Mid-Level, Senior

Tech Stack

Cloud, Cyber Security, ServiceNow

About the role

  • Support risk assessments, validation testing, compliance reviews, and audits in accordance with NIST standards and regulations
  • Help manage compliance programs, promote implementation of industry standards, and evaluate control improvement opportunities
  • Align cybersecurity requirements with IT, procurement, and privacy departments in context of GRC and NIST CSF 2.0 objectives
  • Ensure procedures are up-to-date and communicate methodologies to broaden knowledge of cybersecurity risk processes and best practices
  • Contribute to security standards, policy reviews, and update GRC processes and practices annually or as needed
  • Assist in responding to inquiries from business units and ETX partners about operational cybersecurity compliance and risk mitigation
  • Review auditor requests for scope and evidence completeness and accuracy
  • Collaborate with business and engineering teams to identify and enhance control processes and prepare materials for audit meetings
  • Independently lead projects, coordinate cross-functional efforts, escalate issues appropriately, and communicate project status to management
  • Provide proactive advice and guidance on process and control enhancements

Requirements

  • Bachelor’s degree in information systems, computer science, cybersecurity, risk management, data analytics or a related field
  • 5+ years of direct experience in information security, with a main emphasis on risk and compliance
  • 3+ years of expertise conducting cybersecurity assessments and handling audit responses
  • Good understanding of relevant regulatory compliance requirements and/or emerging regulations (ISO27001, SOC 2, NIST, PCI, GDPR, AI)
  • Familiarity with or broad knowledge of various cyber domain controls such as data security, cloud security, identity and access management
  • Proven track record of organizing and carrying out several risk and compliance projects
  • Effective communication skills and the capability to communicate with cross-functional teams
  • Knowledge of GRC tool techniques and best practices (ServiceNow; JIRA; Archer)
  • Preferred: CRISC, CISA, CISM, or CISSP

ATS Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills: risk assessments, validation testing, compliance reviews, audits, cybersecurity assessments, audit responses, data security, cloud security, identity and access management, control processes

Soft skills: effective communication, project management, cross-functional collaboration, problem-solving, leadership, organizational skills, advisory skills, guidance, coordination, status communication

Certifications: CRISC, CISA, CISM, CISSP