Required Qualifications:
Bachelor’s or Master’s degree in Information Technology, Cybersecurity, Risk
Management, or related field.
Minimum 5-7 years of progressive experience in GRC roles, including at least
2 years in managerial capacity.
Proven expertise in automating GRC processes and managing AI-related
risks within complex organizational environments.
Strong knowledge of PCI DSS, SOC 2 Type 2, TCPA, SMS consent
compliance, and related regulatory frameworks.
Experience managing vendor compliance and third-party risk assessments.
Relevant certifications such as CRISC, CISM, CISSP, CGEIT, or GRCP
preferred.
Excellent leadership, communication, and stakeholder management skills.
Ability to influence cross-functional teams and drive organizational change.

Detailed General description of the role:
Including preparing control owners for audits, interpreting control
requirements, reviewing control evidence for appropriateness, testing control
effectiveness, presenting control evidence to external auditors, and audit
planning with external auditors
In-depth knowledge of security controls, interpreting control requirements for
SOC 2, ISO, HIPAA, or PCI DSS audits, reviewing control evidence for
completeness and accuracy, and ensuring evidence provided to auditors
satisfies control requirements.
Ability to plan and lead meetings with control owners and external auditors.
Ability to clearly define control requirements for control owners and to explain
control evidence to external auditors.
Supports the Security Audit function by reviewing evidence submissions for
accuracy and completeness, following up on audit requests, and helping to
establish a continuous monitoring function.
Assist in testing and verification of all controls and formulating reports
documenting findings.
Recommends and assists in the definition and implementation of security
controls in accordance with enterprise policies, standards, and procedures.
Work closely with internal business teams to assist in the identification and
assessment of potential security risks, and establish risk owners, ratings, and
management action plans.
Ensure continuity of compliance with ISO 27001, ISO 22301, PCI DSS,
HIPAA, and GDPR.
Analyse the potential impact of new threats and communicate risks to
relevant business units.
Manage security operations, analyse security exceptions, gather necessary
background information, document exceptions and ensure that the risk is
recognized and managed with compensating controls
Provide orientation to Business Units on Risk Assessment, Business
Continuity Plan and Business Impact Analysis
Facilitate preparation of a business continuity plan for each project and
function.
Conduct internal ISMS and BCMS audits and identify potential gaps in the
system
Prepare detailed and summary reports of assessments, remediation plans as
needed and advise internal stakeholders
Report audit findings on potential weaknesses in the system and areas
for improvement.