04 Nov
Governance Risk and Compliance Professional
Virginia, Arlington , 22203 Arlington USA

job summary:Our Arlington, VA client is seeking a GRC expert for a long term contract. The senior professional will provide expert advice and collaborate with technical staff and business owners to identify and assess controls to adequately safeguards data and information systems. Candidates should be willing to work onsite 3-5 days a week. location: Arlington, Virginiajob type: Contractsalary: $75.00 - 78.12 per hourwork hours: 8am to 4pmeducation: Bachelors responsibilities:

  • Perform and run audits, certification programs and control/risk assessments, including scope planning, defining control procedures, policies and standards, control testing, mapping issues to risks and communicating results.
  • Conduct risk assessments to ensure that information security risks are identified, assessed, and managed across all applicable Business Areas.
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the company's reputation and safeguarding clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
  • Serves as key member of the company's information security and compliance program.
  • Develop and support KPI's and KRI's metrics and reporting of the Information Security Program through the collection and analysis of effectiveness measures across the organization.
  • Coordinate with external auditors, identify gaps and coordinate with internal subject matter experts to remediate all findings.
  • Develop and support the Policy/Standard/Procedure program ensuring all IT and Security policies are tracked, reported, and approved with tracking of implementation and appropriate reporting to senior management, in accordance with information security industry best practices frameworks.
  • Supervise policy exception requests to ensure that all exceptions are properly identified/reported, evaluated, and justified across all Information Security functions.
  • Assess system or network designs for risk and compliance that encompass multiple enclaves, including those with different data protection or classification.
  • Identifies and develops security requirements for systems, data, and technical capabilities in the cloud, on-premises, and third-party vendors
  • Keep up with ongoing trends and changes within the GRC community, and make sure that the organization is up to date with the latest relevant methods and practices
  • Enable and mature the Third-Party Supplier Security to ensure that assets are appropriately safeguarded by reviewing contracts for security requirements and inserting risk management practices within existing processes.
qualifications:
  • Experience level: Manager
  • Minimum 10 years of experience
  • Education: Bachelors (required)
skills:
  • governance
  • risk
  • compliance
  • risk assessment
  • audit
  • ServiceNow GRC
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.


Related jobs

Report job