Governance, Risk and Compliance (GRC) Security Specialist - Intermediate is responsible for the development and administration of Information Technology Governance, Risk, and Compliance (GRC) solutions and content.
This position will develop, integrate and administer complex enterprise GRC workflows, data, system integration and related tools. Other key activities include working with Information Security, Information Technology and business stakeholders to understand and support their use of the IT GRC platform and to ensure Information Security controls are managed though out a full lifecycle that includes policies, procedures, implementation, metrics, and assurance requirements.
The GRC Security Specialist - Intermediate should also have the knowledge of industry best practices for Information Security GRC, industry recognized information security frameworks, proficiency in multiple development languages, database expertise, a robust knowledge of the security of information systems and techniques required to protect the confidentiality, integrity, and availability of sensitive information. Strong interpersonal and communication skills, critical thinking, analytical and problem-solving skills are required to avoid checkbox mentality and tackle unexpected challenges by coming up with intelligent ways of providing functionality and security. This role is focused on the GRC system and using a REST API service to integrate with other enterprise technology tools. The individual must have an excellent understanding of information security program needs, risks, along with project management experience. The individual should be able to work well under pressure, independently, and be able to perform effectively in a team setting to achieve organizational goals.
KNOWLEDGE AND SKILLS PREFERRED: