GRC Architect / Information Security Senior Consultant - Riva Scientific LLC
New York, NY 10001
About the Job
GRC Architect / Information Security Senior Consultant
New York Onsite
Job Description:
The GRC Architect is an experienced role that works cross-functionally across many security teams. You will play a critical role in ensuring that GRC functions are incorporated into key security services and programs, while validating that risk mitigation functions are working correctly and helping achieve the desired higher security maturity level, leveraging your knowledge of security policies, standards, controls, and industry best practices to consult with partners across different teams.
Job Responsibilities:
Your responsibilities will also include:
• Review information security policies and standards and evaluate and process exceptions
• Identify gaps with respect to organizational objectives and regulatory and compliance requirements
• Help streamline current compliance and risk management processes to achieve regulatory and audit requirements.
• Collaborating with cross-functional teams to identify policy, operational, and regulatory risks while evaluating the effectiveness of policies to report opportunities for improvement.
• Experience in supporting cybersecurity risk and controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001, PCI-DSS, SOX, NIST CSF and regulatory requirements.
• Conducts various security assessments and control reviews.
• Experience in implementing NIST CSF and ISO standards to improve security posture.
• Ability to design controls to monitor risks and help achieve audit objectives.
• Experience collaborating with various teams to get artifacts to assess operating effectiveness of compliance requirements.
• Experience in running programs for SOX, GDPR or other regulatory requirements
• Experience using GRC or privacy tools like Archer and OneTrust.
• Supports Incident Response teams as needed to collect artifacts for audit and internal investigations.
• Utilizes industry standards and frameworks such as NIST standards, the MITRE ATT&CK and D3FEND frameworks, and the Cyber Threat Kill Chain.
• Collaborates with various teams to understand cyber detection requirements.
• Uses a customer-centric approach to building detections and response.
Preferred Qualifications
• Education: Bachelor’s degree (BTech / MCA / BS) with a Computer Science background; Computer Science or Management Information Systems is preferred
• 10+ years of cybersecurity experience working on projects and teams related to risk and controls management, compliance, information security, or related fields
• Familiarity with Governance, Risk, and Compliance (GRC) tools such as RSA Archer, OneTrust or ServiceNow
• CISM, CISA, CISSP, CCSP, CASP, Security+, CRISC, CGEIT, GSEC, or other relevant certifications
not for Apple
Source : Riva Scientific LLC