Security Governance, Risk, and Compliance (GRC) Specialist

United Kingdom

Applications have closed

TripAdvisor

Plan your next trip, read reviews and get travel advice from our community on where to stay and what to do. Find savings on hotels, book the perfect tour or attraction, and reserve a table at the best restaurants.


Remote-based: UK/Ireland

We believe that we are better together, and at Tripadvisor we welcome you for who you are. Our workplace is for everyone, as is our people-powered platform. At Tripadvisor, we want you to bring your unique identities, abilities, and experiences, so we can collectively revolutionize travel and together find the good out there.

We are seeking a Governance, Risk, and Compliance (GRC) Specialist to join our growing security team at Tripadvisor. The GRC Specialist will be responsible for developing, implementing, and maintaining the company's Information Security GRC program, ensuring compliance with regulatory requirements, and tracking and reporting out on risks. The successful candidate will work closely with Legal, Internal Audit, our various Brands, and all teams in the company to track and reduce risk and ensure adherence to privacy and security best practices.

 

What you'll do:

  • Develop, implement, and maintain the company's GRC program, ensuring compliance with regulatory requirements, and privacy and security best practices.
  • Ensure that policies and procedures are aligned with NIST CSF, CRPA, GDPR, PCI DSS, and SEC cyber security requirements.
  • Work closely with Legal and Internal Audit to track our risk heat map and develop a global risk register.
  • Measure our security against various frameworks and develop a roadmap to improve our security posture.
  • Conduct periodic risk assessments and ensure that risk mitigation strategies are in place.
  • Develop and maintain a security awareness training program for all employees.
  • Develop and maintain metrics to track the effectiveness of the GRC program and report on progress to senior management.

 

Skills and experience:

  • Bachelor's degree in Information Security, Computer Science, or a related field.
  • Minimum of 5 years of experience in a GRC role.
  • Strong knowledge of regulatory requirements, including CRPA, GDPR, PCI DSS, and SEC cyber security reporting.
  • Strong understanding of privacy and security best practices and NIST CSF.
  • Experience developing and implementing policies and procedures.
  • Experience conducting risk assessments and developing risk mitigation strategies.
  • Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams.
  • Security certifications such as CISA, CISSP, CISM, CIPT, or CRISC are a plus.

 

At Tripadvisor, we are committed to creating a diverse and inclusive workplace. We welcome and encourage applicants from all backgrounds and identities to apply for this position.

If you need a reasonable accommodation or support during the application or the recruiting process due to a medical condition or disability, please reach out to your individual recruiter or send an email to AccessibleRecruiting@Tripadvisor.com and let us know the nature of your request. Please include the job requisition number in your message.

 

 

 


Tags: CISA CISM CISSP Compliance Computer Science CRISC GDPR Governance NIST PCI DSS Privacy Risk assessment

Regions: Remote/Anywhere Europe
Country: United Kingdom
Category: Compliance Jobs
