Job Description
Key Experience:
- Governance Risk and Compliance (GRC) and Cyber Security
- Program and/or Project Management
- Risk and Control Assessments
- Data Collection, Analysis, and Reporting
- IT or Robotic Process Automation
- IT Risk Background (risk assessments and life cycle, process flows, controls, mapping, etc.)
- IT, Cyber, Privacy Frameworks (e.g, ISO, NIST, GDPR, CCPA, PCI, NY DFS, etc.)
Responsibilities:
- Identify and document cyber security and information risks.
- Conduct assessments of risk and capability maturity of people, process, and technology to derive outcomes that are meaningful to executive leadership.
- Work and partner with business and IT peers to assess risks and identify solutions to enable technology delivery in a secure and efficient manner.
- Develop key artifacts to assess and measure risks; provide ongoing management and tracking for issues and action plans assigned to owners.
- Maintain risk register and risk taxonomy.
- Operationalize risk management processes and procedures.
- Develop program communications and enhance reporting via dashboards.
- Document and maintain operational risk runbooks/policies/procedures/flow charts, etc.
- Assist in a GRC tool implementation.
- Identify org s policy needs and operationalize policy lifecycle management workflows with IT and business partner teams.
Key skill Required
- SAP GRC/Security
Designation
- Consultant
