GRC & Cybersecurity Lead

Tasks

• Automate compliance workflows and evidence collection
• Communicate security posture and risk trends to executives
• Conduct IT audits and manage audit tooling
• Coordinate with auditors regulators and vendors
• Deliver compliance reporting to management and regulators
• Develop and manage GRC framework
• Develop security metrics dashboards and reporting pipelines
• Develop security policies, standards, and procedures
• Ensure compliance with security and privacy regulations
• Identify assess and monitor IT risks
• Implement configure and mature GRC tooling
• Integrate GRC and cybersecurity into projects and operations
• Integrate GRC workflows with Jira Confluence and Slack
• Lead security awareness training programs
• Maintain IT risk register
• Manage third party and vendor security risk
• Oversee cybersecurity controls tools and processes
• Own audit preparation evidence collection and remediation tracking
• Plan conduct tabletop exercises and perform post incident reviews
• Support enterprise risk management
• Translate parent company security requirements into local policy

Perks/Benefits

• Competitive salary and benefits
• Cross-functional collaboration
• Flexible remote work options

Skills/Tech-stack

APPI | AWS | Atlassian Confluence | Atlassian Jira | Audit management | Automation Scripting | Business Continuity | Business Continuity Planning | Cloud Security | Continuity planning | GRC Tooling | Governance Risk | Governance Risk and Compliance | ISO 27001 | IT Risk | IT Risk Management | Incident Response | Information security | Installment Sales Act | N8n | NIST CSF | Policy Development | RSA Archer | Risk Management | Risk and Compliance | Risk register | SOC 1 | SOC 2 | Security Policy | Security Policy Development | Security metrics | Slack | Tabletop Exercises | Third Party | Third-Party Risk | Third-party risk management | Vanta | Workflow automation