Governance, Risk, and Compliance Specialist

Job Location

Richmond - USA

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

We are looking for a detail-oriented GRC Specialist to support our Governance, Risk, and Compliance functions. You'll focus on executing third-party risk assessments, managing security awareness training, supporting policy reviews, and assisting with information security compliance initiatives.

Key Responsibilities:

  • Conduct technical risk evaluations of third parties, tools, platforms, and services.
  • Perform vendor due diligence in accordance with SOC 2 and internal standards.
  • Prepare and present assessment findings to the GRC Manager and Head of Information Security for final review and approval.
  • Make recommendations to strengthen vendor security posture.
  • Select and implement annual security awareness training programs.
  • Maintain and deliver security training for new hires aligned with company policies.
  • Assist in the maintenance and review of ITGRC policies and procedures, collaborating with policy owners to ensure documents are current and aligned with controls.
  • Support responses to incoming information security questionnaires from clients or partners.
  • Support evidence collection efforts for audits and internal reviews.
  • Learn and contribute to broader GRC functions under the guidance of the GRC Manager.

Qualifications:

  • 1-3 years of experience in Information Security, Risk, Compliance, or IT Audit.
  • Certified Governance, Risk, Compliance (CGRC), Security, or agreed certification to be attained within agreed timeframe, or other combinations of experience and relevant certifications preferred.
  • Working understanding of SOC 2, NIST 800-53, and ISO 27001, or similar frameworks, required.
  • Excellent oral and written communication ability, especially for communicating technical risks to a non-technical audience.
  • Strong knowledge of the Microsoft Office suite of tools.
  • Strong problem-solving, analytical, and critical thinking skills.
  • Eagerness to learn and grow.
  • Highly organized, with the ability to manage tasks independently while seeking guidance when appropriate.
  • Prior experience with vendor management or third-party risk assessments preferred.
  • Prior experience with SOC 2 and NIST 800-53 compliance preferred.


Additional Information:

We want everyone at CapTech to be able to envision a lasting and rewarding career here, which is why we offer a variety of career paths based on your skills and passions. You decide where and how you want to develop, and we help get you there with customizable career progression.

CapTech is an equal opportunity employer committed to fostering a culture of equality, inclusion, and fairness, each foundational to our core values. We strive to create a diverse environment where each employee is encouraged to bring their unique ideas, backgrounds, and experiences to the workplace. For more information about our Diversity, Inclusion, and Belonging efforts, click HERE.

At this time, CapTech cannot transfer nor sponsor a work visa for this position. Applicants must be authorized to work directly for any employer in the United States without visa sponsorship.


Remote Work:

No


Employment Type:

Full-time
