Salary Not Disclosed
1 Vacancy
Description
Job Summary:
We are seeking a highly skilled and experienced GRC Principal to join our team. The ideal candidate will have a deep understanding of the Factor Analysis of Information Risk (FAIR) model and the NIST Cybersecurity Framework (CSF), and be proficient in leveraging the SafeSecurity platform. With over 10 years of experience in Governance, Risk and Compliance (GRC), with a strong emphasis on risk management, this individual will play a critical role in enhancing our GRC capabilities.
Key Responsibilities:
Lead the development and implementation of cyber risk management strategies using the FAIR model and SafeSecurity platform.
Conduct comprehensive risk assessments and quantify cyber risks in terms of loss magnitude and likelihood.
Collaborate with cross-functional teams to identify, assess, and mitigate cyber risks.
Provide expert guidance on GRC practices and ensure compliance with industry standards and regulations.
Implement and integrate the NIST Cybersecurity Framework (CSF) into the organization's GRC practices.
Develop strategies to align the organization's cybersecurity efforts with the NIST CSF, including identifying, protecting, detecting, responding, and recovering from cyber threats.
Communicate risk findings and recommendations to senior leadership and stakeholders.
Stay current with emerging cyber threats, vulnerabilities, and best practices in risk management.
Qualifications:
Bachelor's degree in Information Security, Cybersecurity, Risk Management, or a related field. Advanced degree preferred.
Minimum of 10 years of experience in GRC with a strong emphasis on risk management.
In-depth knowledge of the FAIR model and experience using the SafeSecurity platform.
Proven track record of conducting risk assessments and developing risk mitigation strategies.
Strong understanding of the NIST Cybersecurity Framework (CSF) and experience implementing it in GRC practices.
Strong understanding of industry standards and regulations related to cybersecurity and risk management.
Excellent analytical, problem-solving, and communication skills.
Ability to work effectively in a fast-paced, dynamic environment.
Preferred Skills:
Certifications such as CISSP, CISM, CRISC, or similar.
Experience with other cyber risk management frameworks and tools.
Strong leadership and project management skills.
Disclaimer
This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change, and additional functions may be assigned as needed by management.
Job: Data & Information Technology
Schedule: Full time
Shift: No shift premium (United States of America)
Travel
Relocation
Equal Opportunity Employer (EEO)
HP Inc. provides equal employment opportunity to all employees and prospective employees, without regard to race, color, religion, sex, national origin, ancestry, citizenship, sexual orientation, age, disability, or status as a protected veteran, marital status, familial status, physical or mental disability, medical condition, pregnancy, genetic predisposition or carrier status, uniformed service status, political affiliation or any other characteristic protected by applicable national, federal, state, and local law(s).
Please be assured that you will not be subject to any adverse treatment if you choose to disclose the information requested. This information is provided voluntarily. The information obtained will be kept in strict confidence.
If you'd like more information about HP's EEO Policy or your EEO rights as an applicant under the law, please click here: Equal Employment Opportunity is the Law; Equal Employment Opportunity is the Law Supplement
Full-Time