GRC Governance Specialist - Stride, Inc.
Richmond, VA
About the Job
Job Description
The GRC Governance Specialist plays a pivotal role in overseeing and supporting essential Cybersecurity and Information Security initiatives. This position ensures that the organization complies with regulatory requirements and internal policies. Responsibilities include conducting thorough analysis to identify discrepancies between current security policies and industry best practices and highlighting areas for improvement to enhance the overall security posture; developing and maintaining robust security policies to safeguard Stride's data and IT infrastructure; regularly reviewing and updating policies to ensure compliance with evolving regulations and industry standards; and providing comprehensive training and guidance to staff on security best practices and policy adherence, fostering a culture of security awareness throughout the organization.
Essential Functions: Reasonable accommodations may be made to enable individuals with disabilities to perform essential duties.
- Mature, execute and maintain a policy management lifecycle process, including developing, implementing, and managing communication of security policies, control standards, best practices and guidance.
- Document current state policy and procedures, research best practices, identify gaps, and develop target state for IT security oversight process.
- Provide subject matter expertise in governance, focusing on strategic initiatives and the latest emerging technologies and trends.
- Provide support for security governance activities, including managing communication about security policies, standards, and control frameworks.
- Continuously assess existing policies for relevancy and accuracy and partner with the business to identify and manage risks associated with policy violations and exceptions.
- Identify, assess, track and report on security risks across the enterprise. Track risk decisions and remediation plans and communicate risks to both technical and non-technical audiences.
- Work closely with the Risk Manager to identify IT security risks to the business, work with the security team on client security reviews, and drive the development of remediation plans for both when appropriate.
- Develop reporting for management by analyzing IT security controls and risk exposure.
- Plan, manage, and maintain the organization-wide security awareness program to increase awareness of information security policies and standards through training and communication.
- Develop compelling and effective security awareness content, training and campaigns from concept to writing, editing, uploading, and publishing across multiple communication channels.
- Create and report on phishing simulations and other social engineering campaigns to heighten security awareness and engagement.
- Maintain key metrics and leadership dashboards to assess and track the performance of the security awareness program.
- Consistently deliver high-quality services and deliverables to clients.
Supervisory Responsibilities: This position has no formal supervisory responsibilities.
Minimum Required Qualifications:
- Bachelor's degree in Computer Science, Information Systems, Information Security & Assurance, Information Technology, Cybersecurity Policy, or related field required AND
- Seven (5) years of experience in IT Security, IT Governance, Risk, & Compliance
- Equivalent combination of education and experience, including prior relevant military service experience.
Certificates and Licenses: None required.
OTHER REQUIRED QUALIFICATIONS:
- Demonstrate experience with developing and maintaining information security policies and standards aligned to regulatory or other control frameworks such as NIST, SOX, HIPAA, FERPA, etc.
- Strong experience initiating, facilitating, and promoting Cybersecurity awareness and e
Source: Stride, Inc.