23 Jun
Governance, Risk and Compliance Team Lead
Vacancy expired!
Help change the world and improve the lives of North Dakota citizens by providing compliance, risk, and controls expertise to support various information security and compliance initiatives and activities to support Team ND. North Dakota Information Technology (NDIT) is seeking a
Governance, Risk, and Compliance (GRC) Manager for our Cybersecurity division. As our GRC Manager, you will perform information security control reviews or risk assessments within a variety of environments and industries. You will work collaboratively with business executives and IT professionals to evaluate customer information security program needs. You will develop information security policies and standards to align with the compliance frameworks. You will provide direct supervision, leadership, and guidance to the GRC team. You will directly report to the Chief Information Security Officer. You will be responsible to drive innovation through monitoring and evaluating emerging technologies to determine the impact on services and the feasibility of implementation. Help the business reduce risk by leading vulnerability and remediation efforts.To succeed in this position, you will be comfortable working in an environment with a continuous workload and an emphasis on customer service and quality. You will be an inquisitive and constant learner open to observation and feedback. You should be highly organized, able to manage yours and your team members’ time and priorities. You will be able to establish and maintain effective working relationships while working independently and within a team. You will be expected to have a deep knowledge of industry-standard frameworks. To be considered for this role, you must have a bachelor’s degree in computer or cyber science, computer information systems, or a related field, worked in a cybersecurity or GRC function for a minimum of five (5) years, and have experience which demonstrates your ability to conduct and lead information security control reviews or security audits, and develop and implement security policies and standards. Additional professional work experience may be substituted for the education requirement on a year for year basis.Vacancy expired!