- Must have excellent soft skills and be articulate, with good documentation skills
- Experience in enterprise GRC and extensive experience with security awareness programs
- Strong background in program management, controls assurance, and ISO 27001
- Third-party experience is a plus
- Minimum of 5 years of experience, preferably coming up through audit or technical security
- Bachelor's degree or equivalent work experience in IT Security
- Minimum of four years in Information Security
- Thorough knowledge of Security frameworks and technologies like ISO 27001, NIST, SOC, and SIG
- Previous IT Security experience in the legal sector is a plus
- Proven technical writing skills
- Strong understanding of risk management principles and practices
- Familiarity with security administration and role-based security controls
- Experience managing timelines and being self-directed for three or more years
- Previous experience in Governance, Risk, and Compliance (GRC) tool management preferred
Governance, Risk, Compliance
3 weeks ago
Request Technology, LLC · Texas, United States · NO SPONSORSHIP · SECURITY GRC SPECIALIST II · SALARY: $120k (130k) · LOCATION: Austin, TX 78701 · Hybrid 2-3 days in office and 2 days remote · SELLING POINTS: Must have excellent soft skills articulate good documentation skills enterprise GRC lots of security awareness program m ...
Security GRC Specialist - Texas, United States - Request Technology, LLC
Description
SECURITY GRC SPECIALIST II
SALARY: $120k - $130k
LOCATION: Austin, TX 78701
WORK SCHEDULE: Hybrid - 2-3 days in office and 2 days remote
SELLING POINTS:
The Security GRC Specialist II is a key member of the Governance, Risk, Compliance (GRC) team. In this role, you will lead and execute various services within the GRC team. As a subject matter expert in Information Security, you will provide consultation to both technical and non-technical management as well as the user community. Key responsibilities include risk management functions within the Security Governance department, managing Policy & Standards lifecycle, Security Vendor Risk program, Security Awareness program, Controls Assurance, and conducting Vendor and Client risk assessments.
Current openings offer the opportunity to lead either Security Vendor Risk Management or Security Awareness initiatives.
Qualifications & Requirements
Certificates, Licensures, Registrations
Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are advantageous.