Infosec or GRC Leader

Avant Digital Inc.

San Francisco (CA)

Remote

USD 100,000 - 130,000

Full time

Today

Job summary

A leading company is seeking an Infosec or GRC Leader for a remote role. The candidate will implement and manage Information Security Management Systems in line with ISO 27001 standards, support risk management programs, and ensure compliance with security policies. This contract position lasts over 6 months and requires extensive experience in Information Security and Risk Management, along with relevant certifications. The role involves coordinating efforts across business units and preparing security assurance materials.

Qualifications

  • 8-10 years of experience in Information Security, Compliance, and Risk Management.

Responsibilities

  • Support implementing and managing Information Security Management Systems.
  • Coordinate Risk assessment activities.
  • Manage compliance and ongoing efforts to maintain Common Controls.

Skills

Information Security
Compliance
Risk Management

Education

CISSP
ISO 27001 Lead Auditor
ISO 27001 Implementer

Job description

Job Title: Infosec or GRC Leader

Location: Remote

Duration: 6+ Months (Contract)

Responsibilities:

  • Support implementing and managing Information Security Management Systems in accordance with ISO 27001 standards.
  • Support Risk Management program and coordinate Risk assessment activities.
  • Enhance existing Common Controls to align with business and customer needs, and ensure compliance with Information Security policies and standards.
  • Coordinate ISMS roll-out efforts to individual business units within scope and support ISO 27001 certification efforts.
  • Manage compliance and ongoing efforts to maintain Common Controls at individual business units.
  • Support Supply Chain and Third-Party Vendor Risk Management program activities.
  • Help prepare Security Assurance materials for internal and external audiences, including responses to customer questionnaires.
  • Prepare regular metrics related to Trust Office programs, including ISMS, for management updates.
  • Assist with evidence gathering for audits, update centralized GRC tools with audit performance data, and perform related compliance activities.
  • Assist in POC and enhancement of GRC tools supporting Trust Office objectives.
  • Perform ad-hoc activities required to support the Trust Office.
  • Support ad-hoc meetings and updates in early morning IST and PST time zones.

Skill Set:

  • 8-10 years of experience in Information Security, Compliance, and Risk Management.
  • Expertise in implementing Information Security standards such as ISO 27001, SOX (US role), NIST 800-53, and CMMC.
  • Preferred Certifications: CISSP, ISO 27001 Lead Auditor or Implementer.