Senior Security Governance, Risk, Compliance
3 weeks ago
Senior Security Governance, Risk, Compliance (GRC) Analyst
San Jose, CA - Hybrid role
6 Months Contract
Reporting to the Director Information Security, Governance, Risk, and Compliance, the
Senior GRC Analyst will contribute to the development and operational execution of the
program, including risk management and compliance with standards and regulations such
as ISO27001 and EU GDPR.
Responsibilities
Support the GRC operating model and the service-oriented customer engagement model.
• Provide Cybersecurity Risk Management leadership and operational delivery of the program.
• Support GRC capabilities, such as compliance and audit management, policy management, security awareness training, third party risk management, and metrics and reporting.
• Assist to manage security compliance programs and activities that support various compliance regulations.
• Perform risk assessments to address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
• Collaborate with various operational and business teams to complete assessments, develop treatment plans, and drive remediation items to closure.
• Maintain accurate reporting of remediation activities to bring appropriate visibility to stakeholders and leadership.
• Monitor the security risk profiles and events of our suppliers to objectively determine high risk suppliers that require additional review and treatment plans.
• Establish and maintain security metrics and reporting.
• Respond to customer security/compliance questionnaires.
• Act as security risk management "ambassador” to internal customers.
Accountable for
• The use of defined risk methodologies and best practices to perform IT/Security
• assessments. Responsible for the planning, scoping, tracking, and execution of these assessments.
• Driving remediation activities from identification, treatment plan, remediation, and closure. Hold owners accountable to delivery of remediation solution within the agreed upon/reasonable SLA.
• Operations and improvements of security audit and compliance programs to support various compliance regulations.
• Operationalization of a metrics and reporting function to continually report on meaningful security, risk and compliance metrics for operational and executive management. Support the automation of KRIs and KPI reporting that align with operational/business risk areas and corporate risk.
Qualifications
• Candidate must have at least 7 years working in governance, risk and compliance
• and/or information security and risk management, and at least 5 in risk management.
• Functional knowledge of the CISSP security domains and information security
• industry standard and best practices.
• Functional knowledge of applicable security regulatory and compliance requirements (SOX, GDPR). Functional knowledge of ISMS governance models and analysis of certification reports (i.e. ISO 27001, SOC, CAIQ), information
• security roles, security controls.
• Ability to communicate risk methodologies and concepts to business units and IT teams.
• Demonstrated experience with controls definition, development, implementation and assessment.
• Strong interpersonal skills and ability to work effectively with diverse and globally distributed teams.
• Strong attention to detail, project management and organizational skills.
• Self-starter with the ability to effectively manage independent workloads asynchronously with stakeholders across multiple time zones.
• Ability to independently lead program areas and cross-functional teams to deliver high quality results according to well-defined planning.
• Define and communicate program and activity plans and roadmaps, and effectively collaborate with all business and IT groups to achieve goals.
-
Senior Security Governance, Risk, Compliance
6 days ago
San Jose, United States Amiseq Inc. Full timeSenior Security Governance, Risk, Compliance (GRC) Analyst San Jose, CA - Hybrid role 6 Months Contract Reporting to the Director Information Security, Governance, Risk, and Compliance, the Senior GRC Analyst will contribute to the development and operational execution of the program, including risk management and compliance with standards and regulations...
-
Senior Security Governance, Risk, Compliance
1 week ago
San Jose, United States Amiseq Inc. Full timeSenior Security Governance, Risk, Compliance (GRC) Analyst San Jose, CA - Hybrid role 6 Months Contract Reporting to the Director Information Security, Governance, Risk, and Compliance, the Senior GRC Analyst will contribute to the development and operational execution of the program, including risk management and compliance with standards and regulations...
-
Senior Security Governance, Risk, Compliance
1 week ago
San Diego, United States Amiseq Inc. Full timeSenior Security Governance, Risk, Compliance (GRC) Analyst San Jose, CA - Hybrid role 6 Months Contract Is this the role you are looking for If so read on for more details, and make sure to apply today. Reporting to the Director Information Security, Governance, Risk, and Compliance, the Senior GRC Analyst will contribute to the development and...
-
Senior Security Governance, Risk, Compliance
5 days ago
San Diego, United States Amiseq Inc. Full timeSenior Security Governance, Risk, Compliance (GRC) AnalystSan Jose, CA - Hybrid role6 Months Contract Is this the role you are looking for If so read on for more details, and make sure to apply today. Reporting to the Director Information Security, Governance, Risk, and Compliance, theSenior GRC Analyst will contribute to the development and operational...
-
Governance, Risk, Compliance Consultant
4 days ago
San Antonio, United States SRL TotalSource LLC Full timeJob Description Job Description Hello! SRL TotalSource has an outstanding reputation for providing exceptional services for our clients. Our vision is to make long-lasting, reliable solutions focusing on Cyber, Medical Health Professional Staffing, and Training and Support services in the Government contracting space. With our vision in mind, we are always...
-
Governance, Risk, Compliance Consultant
7 days ago
San Antonio, United States SRL Total Source LLC Full timeJob DescriptionJob DescriptionHello!SRL TotalSource has an outstanding reputation for providing exceptional services for our clients. Our vision is to make long-lasting, reliable solutions focusing on Cyber, Medical Health Professional Staffing, and Training and Support services in the Government contracting space. With our vision in mind, we are always...
-
Security Compliance Specialist
4 weeks ago
San Jose, United States Vets Hired Full timeAbout the job Security Compliance Specialist Responsibilities: Support the maintenance of strong governance, risk, and the compliance process for ISO 27001. Continuously improve the security framework, methodology, standards, and system of internal controls. Govern the NCR process and ensure corrective actions are completed. Establish and monitor...
-
Senior Manager, Ethics and Compliance
2 weeks ago
San Jose, United States Intelliswift Full timeSenior Manager, Ethics and Compliance Job ID: 24-02661 Title - Senior Manager, Ethics and Compliance (Anti-Corruption Focus) Location - San Jose, CA Duration - 6 Months Pay rate - $80.99 per hour on W2 Ethics and Compliance department is looking for a Senior Manager of Ethics and Compliance with Anti-Corruption focus . The Senior Manager coordinates all...
-
Security Risk Management Specialist
4 days ago
San Jose, United States Canonical - Jobs Full timeJob DescriptionJob DescriptionIn security risk management we're looking to harness the power of industry best practice combined with driving new innovation on how we do security risk assessments and modelling. Our security risk management team is the primary owner of the strategy and practices of how we identify, track and reduce our security risk across...
-
Senior Director, Corporate Security
4 weeks ago
San Francisco, California, United States Pacific Gas and Electric Company Full timePosition SummaryCorporate security is dedicated to shielding the business from both internal and external threats targeting personnel, facilities, and assets. The principal role of a corporate security team is to proactively identify, assess, and mitigate physical and cyber risks that an organization may face.Corporate security teams carry out comprehensive...
-
Manager, Information Security GRC
5 days ago
San Jose, United States Amadeus Full timeManager, Information Security GRC page is loaded Manager, Information Security GRC Apply locations San Jose time type Full time posted on Posted Yesterday job requisition id R17312 Job Title Manager, Information Security GRC About the Business: The Hospitality CISO Office consists of three teams of security experts: SEC-HOS-GRC (Governance, Risk and...
-
Senior Cyber Risk Manager
4 weeks ago
San Francisco, United States Avant Digital Inc Full timeJob DescriptionJob DescriptionContract Duration - 12 monthsContract type - Contract/ C2CLocation - Remote (EST or PST time zone) Job Description:-As the Senior Cyber Risk Manager, you will be responsible for overseeing the identification, assessment, mitigation, and monitoring of technology-related risks within the organization. You will play a pivotal role...
-
Senior Cyber Risk Manager
4 weeks ago
San Francisco, California, United States Avant Digital Inc Full timeContract Duration - 12 months Contract type - Contract/ C2C Location - Remote (EST or PST time zone) Job Description:- As the Senior Cyber Risk Manager, you will be responsible for overseeing the identification, assessment, mitigation, and monitoring of technology-related risks within the organization. You will play a pivotal role in ensuring our...
-
Senior Director, Corporate Security
4 weeks ago
San Francisco, United States Pacific Gas and Electric Company Full timePosition Summary Corporate security is dedicated to shielding the business from both internal and external threats targeting personnel, facilities, and assets. The principal role of a corporate security team is to proactively identify, assess, and mitigate physical and cyber risks that an organization may face. Corporate security teams carry out...
-
Risk & Compliance Managing Director
19 hours ago
San Francisco, United States Wipro Limited Full timeOverview: **Risk & Compliance Managing Director** **Managing Director, Risk** Edgile is a rapidly growing professional services firm offering a comprehensive set of services in three inter-related disciplines: Risk and Security, Identity and Access Management, and Cloud Security. Our teams help some of the world’s largest name brand companies solve...
-
Associate Security Assessor
4 weeks ago
San Diego, United States RSI Security Full timeJob DescriptionJob DescriptionTHIS IS A REMOTE, WORK-FROM-HOME POSITION.The starting salary range is based on your experience, education, and skills. There is also bonus potential for this position.RSI Security is a small organization where collaboration is not only encouraged, but expected. We value relationships within our team and are intentional to build...
-
Associate Security Assessor
1 month ago
San Diego, United States RSI Security Full timeTHIS IS A REMOTE, WORK-FROM-HOME POSITION.The starting salary range is based on your experience, education, and skills. There is also bonus potential for this position.RSI Security is a small organization where collaboration is not only encouraged, but expected. We value relationships within our team and are intentional to build and maintain a strong team...
-
Client Service Manager, Security
6 days ago
San Jose, United States PalAmerican Security Full timeOverview PalAmerican Security is the security company of choice amongst some of the most respected institutions in the country, protecting the public and government facilities. We are committed to offering the best employment and career development opportunities in the security industry because we want the very best and brightest people our industry has to...
-
Security Governance Partner
4 days ago
San Francisco, California, United States Block Full timeCompany DescriptionIt all started with an idea at Block in 2013. Initially built to take the pain out of peer-to-peer payments, Cash App has gone from a simple product with a single purpose to a dynamic ecosystem, developing unique financial products, including Afterpay/Clearpay, to provide a better way to send, spend, invest, borrow and save to our 47...
-
San Mateo, United States Snowflake Computing Full timeBuild the future of data. Join the Snowflake team. AS A SENIOR / PRINCIPAL PRODUCT MANAGER AT SNOWFLAKE, YOU WILL: Lead and build out Snowflake’s compliance and product security solutions for our global business including regulated industries across numerous strategic verticals. In this new position, you will help lead, develop and manage the global...