IT/IS GRC Specialist

About The Position

Requirements

• Bachelor's Degree and 2 years of IT / IS work experience with a broad range of exposure to systems analysis, application development, database design and administration OR 6 years of related work experience OR 6 years of related military experience.
• Understanding of IT / IS concepts and how to artciulate those in terms of risk.
• Verbal and written communication skills, including the ability to articulate complex concepts to various technical and non-technical audiences.
• Experience with and understanding of overall GRC concepts.
• Collaborate well with individuals across the business and IT, as well as at all levels of the organization.
• Interpret internal or external business issues and recommends best practices
• Take initiative to solve complex problems; takes an “outside –in”perspective to identify innovative solutions
• Work independently, with guidance in only the most complex situations

Nice To Haves

• Bachelor Degree in Computer Science, Information Systems, or other related field.
• Experience with a GRC solution.

Responsibilities

• execution of activities to support the it/is governance, risk and compliance (GRC) program
• creating and maintaining information technology and information security policies, standards and procedures which safeguard the integrity of and access to enterprise systems, files and data elements
• Analyzing, tracking and acting on information technology or information security policy exceptions, audits and assessments, including coordinating interviews, evidence collection and responses from appropriate subject matter experts, as well as approvals from it management
• Maintaining knowledge of changing technologies, and provides recommendations for adaptation of new technologies, processes or policies
• Recognizing and identifying potential areas where existing information technology or information security policies, standards and procedures require change, or where new ones need to be developed, especially as a result of future business expansion and technology advances
• Providing management with risk assessments and briefings / reports to advise them of critical information technology / information security issues that may affect the companys business objective and / or compliance
• Evaluating and recommending information technology and information security products, services and/or processes to reduce risk and maintain compliance with applicable policies, mandates, laws and regulations
• Implements the activities associated with the information technology and information security awareness programs and provides education and training on information technology and information security, security policies, standards and practices
• Performing control assessments and works with appropriate subject matter experts (SMEs) to document remediation plans

Benefits

• health and wellness benefits
• 401(k) savings plan
• pension plan
• paid time off
• paid parental leave
• disability insurance
• supplemental life insurance
• employee assistance program
• paid holidays
• tuition reimbursement
• other incentives