Infosec or GRC Leader

Job Title: Infosec or GRC Leader Location: Remote Duration: 6+ Months (Contract) Work Time zone: PST Hours Responsibilities: Support implementing and managing Information -Security Management Systems in accordance with ISO27001 standards. Support Risk Management program and co-ordinate Risk assessment activities Enhance existing Common Controls to align with business & customer needs and align with Information security policy and Standards. Coordinate ISMS roll-out efforts to individual business units in scope and support ISO27001 certification effort. Manage compliance and sustaining efforts to maintain Common controls implemented at individual business units. Support Supply Chain and Third-Party Vendor Risk management program activities Help prepare Security Assurance materials for internal and external audiences, including maintaining our Security responses to customer questionnaires. Prepare regular metrics related to Trust office programs, including ISMS, for management updates. Assist with evidence gathering for audits, update centralized GRC tool with audit performance, and perform related compliance activity. Assist in POC and enhancement of GRC tool supporting Trust office objectives. Perform Ad-hoc activities required to support the Trust office. Support ad-hoc meetings /updates in the early morning IST and PST Time Zone. Skill Set: 8-10 Years experience in Information Security, Compliance, Risk Management Expertise in Information Security implementation for ISO 27001 and other relevant standards such as SOX (US role)-NIST 800- 53, CMMC Preferred Certifications: CISSP, ISO 27001 Lead Auditor or Implementer