GRC Analyst

Shelton, CT, US

Richemont

Built for the long term, Richemont nurtures the distinctive craftsmanship, innovative spirit and creative inspiration of its Maisons and businesses.


 

At Richemont Americas, we are proud to employ talent from many different backgrounds, experiences, and identities. We believe that when diversity and inclusion are fully embraced and empowered, creativity and knowledge emerge to deliver excellence. We continue to work towards creating a workforce that represents the diversity of our clients and our communities.

 

Technology Governance, Risk and Compliance Analyst

Richemont | Shelton, CT

 

 

Role Overview

 

The Technology Governance, Risk & Compliance (Technology GRC) Analyst will support the Regional Technology GRC Manager to ensure that the different Group (HQ) Technology departments in the region adhere to internal security standards as well as external regulatory compliance requirements by defining IT Standards and advising the IT community on the design of relevant security controls.

 

This position supports and coordinates the risk and compliance self-assessment activities of the service owners in the context of the regional Group Technology community.

 

This position will support the key interface of IT in the context of security, risk & compliance activities. In this capacity, they will closely support and collaborate with those responsible for compliance in the other Group Technology departments, the Regional Manager, the Group IT GRC Manager and the Group Security community.

 

Responsibilities

 

  • Support compliance and security assessment efforts with both external and internal stakeholders
  • Maintain established, trusted relationships with IT Operational Teams (incl. Infrastructure, Enterprise Application & Digital) as well as relevant Security, Risk & Compliance stakeholders in the region and beyond
  • Further develop and document IT Standards comprising IT GRC relevant aspects
  • Support stakeholders and develop a holistic approach to authorization management across all technology areas.
  • Support the Group in defining the future approach to IT risk & compliance management in collaboration with Group Security
  • Support the implementation of Group IT standards within the regions and provide visibility to Group IT GRC function regarding gaps identified.
  • Support & coordinate business continuity activities aligned with central Group Technology and Group Security functions.
  • Actively support the remediation of vulnerabilities identified by the Cyber Resilience team at the regional level (when not handled by Group IT)
  • Support the maintenance of the regional asset inventory and classification of applications
  • Support Group Technology functions when new technologies are to be rolled out to regional organizations and Maisons
 

Qualifications

 

  • University degree in Computer Science, Information Management or a related field is required; MS in Computer Science or Information Management is a plus.
  • 3+ years of relevant work experience in information protection and/or audit focusing on operational IT controls. Prior experience at an international audit firm or another large multinational company.
  • Solid knowledge in information security principles and practice
  • Proven hands-on expertise in the following areas:
    • IT GRC
    • Compliance Assessments (e.g. SOX, SOC 1/2)
    • Definition of Internal Controls
    • IT Audits
    • IT Risk Management
  • Industry recognized training and certification (e.g. CISA, CRISC, CISM, CISSP etc.) is a plus.
  • Hands-on experience in risk management.
  • Experience working in a large international environment / international teams
  • Good analytical and problem-solving skills.
  • Solid understanding and knowledge of information security terminology, technology, and concepts. Extensive experience with ISO 27K standards, CoBiT, ITIL, CMM or similar frameworks is desirable.
  • Information security risk management and compliance, including working with risk management and information security control frameworks such as ISO 27001, 27005, SANS Critical Controls, FAIR, and EBIOS.
  • Team-player with excellent interpersonal, communication and influencing skills
  • Enthusiastic and ambitious self-starter with a strong drive for results and for whom integrity, honesty and trust are of utmost importance.
  • This role will be based in our Shelton, CT office and will follow a hybrid schedule (4 days in office, 1 day remote)
  • Other Information:
    • Hands-on knowledge / experience of SAP (e.g. ITGRC) is ideal.
    • Fluent in English, additional relevant local languages with the ability to communicate at all levels in the organization are a plus.
    • May require limited travel (not to exceed 20%) to other corporate locations.

 

 

Richemont offers a generous compensation and benefits package for eligible employees. Only candidates selected for further consideration will be contacted.

 

Salary will be negotiated based on relevant skills and experience.

 

WE OFFER

We care about our associates' health and wellbeing and offer a comprehensive benefits program to support you and your loved ones. Our core benefits include medical, dental, and vision programs. Health savings and flexible spending accounts are available to support your financial needs, along with access to the employee assistance program for you and your household members. The company offers income protection solutions including life insurance, disability benefits, and 401(k) with employer match. Understanding the importance of wellness and work-life balance, our package includes a wellness reimbursement benefit and paid time off. We also encourage associates to give back to their local community by using their volunteer time off days to support important initiatives that drive change.

At Richemont, We Craft the Future

 


Tags: Audits CISA CISM CISSP COBIT Compliance Computer Science CRISC Governance ISO 27000 ISO 27001 ITIL Risk management SANS SAP Security assessment SOC SOC 1 SOX Vulnerabilities

Perks/benefits: 401(k) matching Career development Flex hours Flex vacation Health care Insurance Wellness

Region: North America
Country: United States