GRC Implementation Consultant - OneTrust

About The Position

Requirements

• Experience supporting or engineering GRC platforms - OneTrust.
• Strong hands-on experience with system configuration, user administration, data management, and workflow customization.
• Experience in API development and integration.
• Must be able to develop with FreeMarker (FTL) - Used by OneTrust-native Logic Preferred additional know of RESTful APIs for API communications, JavaScript for middleware/webhooks, Python/PowerShell for automation & orchestration and Json for data formatting.
• Solid understanding of IT service management processes-change, release, incident, and configuration management (aligned with ITIL).
• Working knowledge of governance frameworks (NIST CSF, COBIT 2019, ISO 27001), and data privacy, and GRC best practices.
• Strong analytical skills, including proficiency with reporting and visualization tools (e.g., Power BI, Tableau).
• Excellent documentation, troubleshooting, and cross-team communication skills.

Responsibilities

• Develops and Maintains: GRC system configurations, data models, and workflow designs to support evolving compliance and risk processes.
• API integrations between OneTrust and (e.g., identity management, ServiceNow CMDB, and ticketing tools).
• Dashboards, reports, and analytics to deliver real-time insights into control health, risk exposure, and remediation progress.
• Document system configurations, data flows, and integration logic for audit and change tracking purposes.
• Governs: Govern the intake of platform releases by reviewing vendor release notes, solution and process impacts, coordinating change activities, and communicating applicable enhancements to end users in accordance with IT change and release management practices.
• Coordinates : Act as the primary liaison between IT, GRC program owners, internal audit, and vendors for issue resolution, release scheduling, and platform enhancements.
• Coordinate bug triage, feature requests, and enhancement prioritization with system vendors and internal stakeholders.
• Partner with cybersecurity, COE, Audit, IT operations, and OT teams to ensure GRC systems align with broader governance and risk strategies.
• Support end users by managing system access requests, permissions, and troubleshooting assistance.
• Support existing solutions such as cookie compliance, data privacy solutions (DPIA, PIA, DSAR, ROPA, etc), exception requests, OT controls.
• Assesses/Monitors: System performance, integration reliability, and data accuracy, identifying opportunities for optimization.
• Assess automation and workflow effectiveness, recommending configuration or process improvements. Plus reports on enhancement and defect resolution metrics, ensuring timely execution and documentation.
• Evaluate new GRC capabilities or vendor releases to determine alignment with business needs and technology roadmap.
• Achieve: Maintain stable, secure, and high-performing GRC platforms that support compliance, audit, and cybersecurity needs Streamline ITGC, Risk, and Issues automation and workflow integration.
• Deliver faster, more reliable platform enhancements and data-driven insights for decision-making.
• Strengthen governance maturity across IT and OT through scalable, well-managed GRC technology solutions.