GRC Security compliance leader

Job Title: GRC Security Compliance Leader

Location: Remote

Duration: 12+ Months (Contract)

Work Time zone: PST Hours

Responsibilities:

• Support implementing and managing Information -Security Management Systems by ISO27001 standards.
• 3rd party Risk/compliance Assessment through a questionnaire.
• Customer and Vendor Contracts Risk Assessment.
• Cloud security experience has been needed since today when many vendors' products are in SAAS form.
• Coordinate ISMS roll-out efforts for individual business units in scope and support ISO27001 certification efforts.
• Manage compliance and sustaining efforts to maintain Common controls implemented at individual business units.
• Support Supply Chain and Third-Party Vendor Risk management program activities
• Enhance existing Common Controls to align with business & customer needs and Information security policy and Standards.
• Help prepare security assurance materials for internal and external audiences, including maintaining our security responses to customer questionnaires.
• Prepare regular metrics related to Trust office programs, including ISMS, for management updates.
• Assist with evidence gathering for audits, update centralized GRC tool with audit performance, and perform related compliance activity.
• Assist in POC and enhancement of GRC tool supporting Trust office objectives.
• Perform Ad-hoc activities required to support the Trust office.
• Support ad-hoc meetings /updates in the early morning IST and PST Time Zone.
  
  

Skill Set:

• 8-10 Years experience in Information Security, Compliance, Risk Management
• Expertise in Information Security implementation for ISO 27001 and other relevant standards such as SOX (US role)-NIST 800- 53, CMMC.