Job Openings GRC - Risk & Compliance Specialist

About the job GRC - Risk & Compliance Specialist

The client's mission is to protect the world's most sensitive data by equipping organizations to detect, investigate and stop advanced cyber-attacks.

Attackers are relentless and clever. They hide their exploits deep inside networks, email and endpoints. They dig as deep as attackers hide. With it, customers will know when they are being attacked, and they can retrace attackers' steps and freeze them in their tracks.

The elite team of incident responders is in the trenches every day assisting customers to manage their way through critical security incidents of all kinds. This seat on the front lines gives us a unique view to see what works and what doesn't when it comes to keeping attackers at bay.

Take a seat with our preeminent team and be a part of our mission to give our customers the power to combat today's sophisticated advanced threats with a robust, comprehensive portfolio of products, services, and expertise.

Join a team where you can make a difference!

What about the project?

Due to growth and our commitment to continual improvement, we are looking for an experienced Risk and Compliance Specialist to join our multi-disciplined IT, Security, and Compliance team. This role will be responsible for all day-to-day GRC activities and FedRAMP tasks for the client.

Requirements:

  • 5+ years of relevant experience in a GRC role or similar
  • Internal auditor certification for ISO 27001, 27701 / GDPR preferable
  • Previous experience regarding FedRAMP is a huge asset
  • Highly proficient in audit methodologies, especially but not limited to those applicable in IT environments
  • Experience with quality management systems, i.e. ISO 9001, is a huge asset
  • Previous experience executing and managing internal/external ISO audits
  • Proficient in IT governance and quality standards
  • Experience writing high-quality documentation and reports
  • Agile and highly adaptable to changing priorities.
  • Experience working in a global, team-oriented, collaborative environment including virtual/remote working.
  • Excellent written and verbal English communication skills.


Tasks & Responsibilities:

  • Develop, implement, and maintain a continual improvement program that covers all aspects of governance, risk, and compliance
  • Ensure systems owned and operated by the IT, Security, and technical teams across the company are in conformance with the necessary security standards and guidelines.
  • Risk management and audit preparation activities, as well as scheduling and leading the execution of business continuity exercises and documentation
  • Maintaining, updating, implementing, and ensuring the adherence of defined information security-related policies and procedures for the company.
  • Manage compliance and improve business processes and operations by supporting a program of internal audits and external assessments against adopted standards (e.g. ISO 27001, ISO 27701, ISO 20000, GDPR, etc.)
  • Manage the continual flow of vendor security and data privacy questionnaires, liaising with internal teams where necessary to ensure timely completion.
  • Responsible for risk management and audit preparation activities within the company
  • Responsible for regular reporting of key GRC metrics and risks to the Assima management, GRC Leadership, and other such key stakeholders.
  • Leading incident management procedures within Assima covering information security and data privacy incidents.


Diversity is important to us:

At the heart of our company is a diverse group of employees who rely on their intimate knowledge of customer requirements and a unique blend of skill and innovation to develop and deliver the best possible products and services. The company encourages the inclusion of all people and a work environment free from discrimination.

They are dedicated to the principles of equal employment and advancement of people based on their individual qualifications, skills and abilities. This commitment is supported by policies and procedures that foster a nondiscriminatory workplace. Guided by a rigorous code of ethics that is applied with integrity, these fundamental characteristics are reflected throughout our organization and are key components of the strength we deliver to our customers.

Looking forward to getting in touch with you!