GRC Consultant

Role: GRC Consultant

Location: Santa Clara, CA (Onsite)

Duration: Long Term

Roles and Responsibility:

• Demonstrate strong knowledge in IT controls, risk assessments, and testing of security measures
• Identify opportunities to continuously innovate and improve the program and value delivered to organization
• Ensure successful completion of the annual supplier cybersecurity assessment.
• Perform on site control validation to ensure the highest impact suppliers have the proper cybersecurity controls in place.
• Independently and proactively plans and performs assigned audit engagements related to security, confidentiality, integrity, information protection and availability of data
• Conduct audit & evaluate in alignment to the supply cyber security control framework.
• Ensure effectiveness of approved controls and drive risk remediations or changes from previous audit for existing certified suppliers
• Inform and advise business leaders on supplier's information security risks
• Provide subject matter expertise in third party risk management.
• Post audit assessment reports and update stakeholders on findings

Qualifications:

• Bachelor's degree in science & Engineering or technical discipline is required.
• 6+ years of information security & audit experience with increased responsibilities
• In depth knowledge of security assessment/audit principles
• Understanding of networking principles and data protection
• Ability to identify problems, analyze data and present conclusions.
• Strong verbal, written and presentations skills
• Knowledge of information security frameworks such as ISO 27001 /NIST CSF is preferred.
• CISA, CISSP, CISM, certifications are preferred.
• Excellent English communication skills.
• Able to work as part of a virtual global team with cultural, language, and time zone differences.
• Able to deal with ambiguity and work independently with minimal supervision/guidance.