IT Governance Risk Compliance Staff

PT. Softex Indonesia

Tangerang Selatan

On-site

IDR 200.000.000 - 300.000.000

Part time

18 days ago

Job summary

PT. Softex Indonesia is seeking an IT GRC Staff member responsible for managing and ensuring compliance with information security and governance standards. The role involves risk management, policy development, and alignment with regulatory and industry standards, requiring a minimum of 2 years of relevant experience.

Qualifications

  • Minimum of 2 years of work experience in GRC or a related position.
  • In-depth knowledge of compliance standards and frameworks such as ISO 27001, GDPR, NIST, SOX.
  • Experience with GRC tools is a plus.

Responsibilities

  • Manage risks related to Information Technology, Information Security, Privacy, Regulatory Compliance, and Governance.
  • Develop and revise policies, standards, processes, and guidelines for the organization.
  • Conduct vendor risk assessments against organizational security requirements.

Skills

Communication
Analytical Skills
Attention to Detail

Education

Bachelor's degree in Information Technology or Information Security

Tools

ServiceNow
Archer
MetricStream

Job description

The IT GRC Staff is responsible for ensuring that the company's IT operations and procedures comply with government and industry standards. They manage risks related to information security, privacy, and compliance, and develop and maintain an effective GRC framework.

Key Responsibilities:

  • Manage risks related to the use of Information Technology, Information Security, Privacy, Regulatory Compliance, and Governance.
  • Ensure and monitor compliance with industry and government regulations at all levels.
  • Conduct gap analysis and implement frameworks and standards such as ISO 27001, GDPR, NIST, and SOX.
  • Develop and revise policies, standards, processes, and guidelines for the organization.
  • Conduct vendor risk assessments against organizational security requirements.
  • Continuously test and monitor the effectiveness of security controls.
  • Perform research to assist threat assessment or risk mitigation activities.
  • Develop mechanisms to align with the adoption and use of current and future technologies.

Job Requirements:

Qualifications:

  • Bachelor's degree in Information Technology, Information Security, or a related field.
  • Minimum of 2 years of work experience in GRC or a related position.
  • In-depth knowledge of compliance standards and frameworks such as ISO 27001, GDPR, NIST, SOX, and others.
  • Strong analytical skills and attention to detail.
  • Good communication skills, both verbal and written.
  • Ability to work independently and as part of a team.
  • Experience with GRC tools like ServiceNow, Archer, or MetricStream is a plus.
  • Contract employment for a 6-month period.

Technical Competencies:

  • Good understanding of information security principles and best practices.
  • Ability to conduct risk assessments and gap analysis.
  • Experience in developing and implementing security policies and procedures.
  • Project management skills and the ability to work with various stakeholders.