Senior GRC Specialist (Risk and Business Continuity)

Senior GRC SpecialistJob Title: Senior GRC Specialist (Risk and Business Continuity)Department: Governance, Risk, and Compliance (GRC)Reports To: Vice President, Information Security and Compliance OverviewSenior GRC Specialist role is critical in ensuring that the organization's risk management processes are comprehensive, and that effective business continuity strategies are in place to manage and mitigate operational risks. Key Responsibilities

1. Risk Management: Lead the development and implementation of risk management strategies and frameworks. Conduct regular risk assessments to identify, evaluate, and prioritize risks in alignment with corporate objectives. 

1. Business Impact Analysis (BIA): Conduct and maintain BIAs to determine and quantify the impact of disruptions to business operations and services. Ensure these analyses are updated to reflect changing business conditions. 

1. Business Continuity Planning (BCP): Develop, implement, and maintain comprehensive BCP strategies to ensure timely recovery of operations in the event of an incident. Coordinate BCP exercises to validate and refine plans. 

1. Compliance Monitoring: Ensure all risk management and business continuity practices comply with regulatory requirements and industry standards, including ISO 22301, ISO 27001, and other relevant frameworks. 

1. Training and Awareness: Facilitate training sessions and workshops to raise awareness and competence in risk management, BIA, and BCP across the organization. 

1. Incident Management Support: Provide expert guidance and support during incidents that trigger business continuity plans. Analyze the effectiveness of response strategies and recommend improvements. 

1. Reporting and Documentation: Prepare detailed reports on risk exposure, compliance issues, and business continuity readiness for senior management. Ensure all documentation is up-to-date and compliant with legal and regulatory requirements. 

 Required Qualifications

1. Bachelor’s degree in Risk Management, Business Administration, Information Technology, or a related field; Master’s degree preferred. 

1. Professional certifications such as Certified Risk Manager (CRM), Certified Business Continuity Professional (CBCP), or similar. 

1. Minimum of 7 years of experience in GRC, with a strong focus on risk management and business continuity planning. 

1. Proven track record of developing and managing BIA and BCP processes in a complex business environment. 

 Key Skills

1. Excellent analytical and strategic thinking skills. 

1. Strong project management abilities and leadership skills. 

1. In-depth knowledge of risk assessment tools and methodologies. 

1. Experience with GRC platforms and software. 

1. Effective communication skills, both written and verbal.