Security GRC (Governance, Risk and Compliance) Specialist

Salary: Negotiable
Office
Remote
Full-time
Permanent position

Looking for Security GRC (Governance, Risk and Compliance) Specialist.


Job Overview:

The person in this role will be in charge of identifying, reviewing and managing the security Governance, Risk and Compliance internal programs and initiatives, working closely with the Operation Security and Application Security Teams, as well as various internal IT teams.

Additionally, the role supports the IT Security team in on-demand activities by acting as a facilitator in initiatives with other IT teams.


Requirements:

  • 5+ years of relevant experience working in the IT security industry, including 2+ years in GRC, IT Audit, IT risk management, IT Security and/or similar compliance functions.
  • Strong skills in IT Security risk management.
  • Demonstrated experience in data governance framework setup and management activities in an enterprise environment.
  • Experience in the development of company security policies and risk, security or audit frameworks (e.g. ISO 27001, NIST, COSO).
  • Excellent communication skills in both technical and non-technical contexts.
  • Fluent in English and in Russian: written, verbal, listening.
  • Bachelor’s degree in Information Systems, Engineering or a related area (5+ years).
  • Cybersecurity certifications such as CISSP, CRISC, Security+, etc. are a plus.
  • Experience working as a Program Manager is a plus.
  • Experience working in Fintech, online businesses is a plus.
  • Results-oriented, commitment-focused team player.


What Will You Do:

  • Continue developing, implementing and managing the organization's IT Security Risk Management framework.
  • Identify, manage and help reduce the IT Security risk across the organization, conduct risk assessment and gap analysis reviews related to information security risk matters.
  • Design, develop, implement and maintain a data governance framework across the company.
  • Manage compliance initiatives.
  • Develop, update, document and implement security policies and controls.
  • Ensure up-to-date and effective Information Security policies, standards and guidelines are in place to address internal and external requirements.
  • Produce and manage relevant documentation and presentations, including Executive Reports.
  • Conduct internal security assessments/reviews.
  • Support and coordinate internal efforts to support IT compliance assessments and external security audits.
  • Coordinate inputs and craft accurate and effective responses to inquiries on information security matters coming from regulators, auditors, etc.
  • Support company-wide security training and awareness programs to meet training goals.
  • Help with the implementation of security tools.
  • Lead/Support Scrum ceremonies such as Refinement, Planning, Retrospectives, and Daily meetings.


Relocation to Montenegro.