GRC - Risk & Compliance Specialist
Atlanta, GA, United States
AMS Accelerate IT
The client's mission is to protect the world's most sensitive data by equipping organizations to detect, investigate and stop advanced cyber-attacks.
Attackers are relentless and clever. They hide their exploits deep inside networks, email and endpoints. They dig as deep as attackers hide. With it, customers will know when they are being attacked, and they can retrace attackers' steps and freeze them in their tracks.
The elite team of incident responders is in the trenches every day assisting customers to manage their way through critical security incidents of all kinds. This seat on the front lines gives us a unique view to see what works and what doesn't when it comes to keeping attackers at bay.
Take a seat with our preeminent team and be a part of our mission to give our customers the power to combat today's sophisticated advanced threats with a robust, comprehensive portfolio of products, services, and expertise.
Join a team where you can make a difference!
What about the project?
Due to growth and our commitment to continual improvement, we are looking for an experienced Risk and Compliance Specialist to join our multi-disciplined IT, Security, and Compliance team. This role will be responsible for all day-to-day GRC activities and FedRAMP tasks for the client.
Requirements:
- 5+ years of relevant experience in a GRC role or similar
- Internal auditor certification for ISO 27001, 27701 / GDPR preferable
- Previous experience regarding FedRAMP is a huge asset
- Highly proficient in audit methodologies, especially but not limited to those applicable in IT environments
- Experience with quality management systems (i.e. ISO 9001) is a huge asset
- Previous experience executing and managing internal/external ISO audits
- Proficient in IT governance and quality standards
- Experience writing high-quality documentation and reports
- Agile and highly adaptable to changing priorities.
- Experience working in a global, team-oriented, collaborative environment including virtual/remote working.
- Excellent written and verbal English communication skills.
Tasks & Responsibilities:
- Develop, implement, and maintain a continual improvement program that covers all aspects of governance, risk, and compliance
- Ensure systems owned and operated by the IT, Security, and technical teams across the company are in conformance with the necessary security standards and guidelines.
- Risk management and audit preparation activities as well as scheduling and leading the execution of business continuity exercises and documentation
- Maintaining, updating, implementing, and ensuring the adherence of defined information security-related policies and procedures for the company.
- Manage compliance and improve business processes and operations by supporting a program of internal audits and external assessments against adopted standards (e.g. ISO 27001, ISO 27701, ISO 20000, GDPR, etc.)
- Manage the continual flow of vendor security and data privacy questionnaires, liaising with internal teams where necessary to ensure timely completion.
- Responsible for risk management and audit preparation activities within the company
- Responsible for regular reporting of Key GRC metrics and risks to the Assima management, GRC Leadership, and other such key stakeholders.
- Leading incident management procedures within Assima covering information security and data privacy incidents.
Diversity is important to us:
At the heart of our company is a diverse group of employees who rely on their intimate knowledge of customer requirements and a unique blend of skill and innovation to develop and deliver the best possible products and services. The company encourages the inclusion of all people and a work environment free from discrimination.
They are dedicated to the principles of equal employment and advancement of people based on their individual qualifications, skills and abilities. This commitment is supported by policies and procedures that foster a nondiscriminatory workplace. Guided by a rigorous code of ethics that is applied with integrity, these fundamental characteristics are reflected throughout our organization and are key components of the strength we deliver to our customers.
Looking forward to getting in touch with you!
Perks/benefits: Startup environment