Governance, Risk, Compliance (GRC) Senior Specialist

At Moladin, we want someone who has passion and deep understanding within the security and GRC. You will make differences by keeping and protecting company security at the maximum level, hardened the network, and securing company data.

Responsibilities:

• Establish an enterprise-wide security policy framework, standards, guidelines, and other relevant documents that align with industry best practices and standards (ex: NIST CSF, ISO 27001, etc).
• Establish cyber security risk management program, manage periodic assessments, and management enterprise security risk register-related activities.
• Define the vulnerability management process and the scope of assets to be included. Ensure remediation and mitigation progress is made against vulnerabilities.
• Coordinate enterprise-wide security compliance through strategy development, controls definition, and continuous assessment & process oversight.
• Facilitate employee security awareness and training programs.
• Provide guidance and advisory services regarding regulatory compliance matters impacting security.

Requirements

• 3-5 years of proven work/professional experience in information security governance.

• Risk based information security program design and implementation experience.
• Good communication and presentation skills.
• Have experience in working with mid-level and senior level management and ability to understand business processes and requirements.
• Understanding and communicating security risks with core technology teams and business functions.
• Experienced in policy creation, security control definition, and security governance processes.
• Ability to evaluate risks and communicate security topics in the form of business-value and business-impact.
• Experienced in security awareness training program development and delivery.