Job Title: GRC Security Compliance Leader
Location: Remote
Duration: 12+ Months (Contract)
Work Time zone: PST Hours
Responsibilities:
Support implementing and managing Information -Security Management Systems by ISO27001 standards.
3rd party Risk/compliance Assessment through a questionnaire.
Customer and Vendor Contracts Risk Assessment.
Cloud security experience has been needed since today when many vendors' products are in SAAS form.
Coordinate ISMS roll-out efforts for individual business units in scope and support ISO27001 certification efforts.
Manage compliance and sustaining efforts to maintain Common controls implemented at individual business units.
Support Supply Chain and Third-Party Vendor Risk management program activities
Enhance existing Common Controls to align with business & customer needs and Information security policy and Standards.
Help prepare security assurance materials for internal and external audiences, including maintaining our security responses to customer questionnaires.
Prepare regular metrics related to Trust office programs, including ISMS, for management updates.
Assist with evidence gathering for audits, update centralized GRC tool with audit performance, and perform related compliance activity.
Assist in POC and enhancement of GRC tool supporting Trust office objectives.
Perform Ad-hoc activities required to support the Trust office.
Support ad-hoc meetings /updates in the early morning IST and PST Time Zone.
Skill Set:
8-10 Years experience in Information Security, Compliance, Risk Management
Expertise in Information Security implementation for ISO 27001 and other relevant standards such as SOX (US role)-NIST 800- 53, CMMC.