Description:
Company Overview:
Resilience CO is a leader in cybersecurity, dedicated to maintaining the highest standards of governance, risk management, and compliance (GRC). We are seeking a skilled and experienced GRC Specialist with three years of experience to join our team and contribute to the enhancement of our organization's GRC program.
Position Overview:
As a GRC Specialist, you will play a pivotal role in supporting the development, implementation, and maintenance of our organization's GRC framework. You will collaborate with cross-functional teams to identify, assess, and mitigate risks, ensure compliance with regulatory requirements, and promote effective governance practices throughout the organization.
Key Responsibilities:
- Assist in the development, implementation, and maintenance of the organization's GRC policies, procedures, and controls.
- Conduct risk assessments and gap analyses to identify potential risks and compliance issues across various business areas and processes.
- Work closely with business units to develop and implement risk mitigation strategies and action plans to address identified risks and deficiencies.
- Monitor regulatory developments and industry standards to ensure compliance with applicable laws, regulations, and best practices.
- Coordinate and support internal audits and compliance reviews to evaluate the effectiveness of GRC controls and processes.
- Provide guidance and training to employees on GRC-related matters, including policies, procedures, and compliance requirements.
- Assist in the preparation of GRC reports and presentations for senior management and regulatory authorities.
- Participate in GRC-related projects and initiatives to improve the organization's overall risk management and compliance posture.
Qualifications:
- Bachelor's degree in Business Administration, Finance, Accounting, Risk Management, or a related field.
- Minimum of three years of experience working in a GRC-related role, preferably in a regulated industry or a large organization.
- Solid understanding of GRC principles, frameworks, and methodologies, such as COSO, ISO 31000, and the NIST Cybersecurity Framework.
- Experience with GRC software tools and platforms (e.g., RSA Archer, MetricStream, ServiceNow GRC).
- Strong analytical and problem-solving skills, with the ability to assess and prioritize risks and compliance requirements.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively with diverse stakeholders.
- Relevant certifications (e.g., Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC)) are desirable.
- Able to join in a month.