Senior Risk and Compliance Analyst
Position DescriptionWe are seeking a highly skilled and detail-oriented Senior Risk and Compliance Analyst to join our team.
This position will report to the Manager, InfoSec GRC, and will be responsible for ensuring that our organization complies with all relevant regulations and industry standards.
The role involves conducting risk assessments, developing compliance policies, maintaining risk registers, implementing procedures to mitigate potential risks and support IT Audits.
Key Responsibilities Manage the Risk and Compliance Program Assess and prioritize information security and cyber security risks across the organization.
Prepare remediation plans to ensure timely resolution of risks.
Facilitate compliance with regulatory requirements and information security policies.
Conduct comprehensive risk assessments to identify potential areas of concern within the organization.
Develop and implement compliance programs, policies, and procedures to safeguard against legal and regulatory risks.
Collaborate with internal teams to assess and enhance existing processes, ensuring adherence to compliance requirements.
Monitor and analyze changes in legislation and regulations, updating stakeholders on potential impacts to the organization.
Conduct internal audits to assess compliance levels and identify areas for improvement.
Provide guidance to staff on compliance-related matters and offer training programs to enhance awareness.
Prepare and submit regulatory reports and documentation as required by relevant authorities.
Collaborate with legal and other relevant departments to address compliance issues promptly.
Assist in the development of risk mitigation strategies and contingency plans.
Act as single point of contact for I.
T General Controls and Audit related topics for all regions and processes in scope Support Internal and External Audit teams for IT Audits and ensure remediation of Audit findings Improve Awareness and Training Provide subject matter expertise and guidance on IT / Infosec standards and policies to regional and local functions.
Provide on-going guidance on requirements and expectations to control and process owners.
Train the trainer and provide training to relevant staff.
Business Partnering Provide periodic review of risk postures to business leadership and all stakeholders.
Facilitate coordination and execution of risk remediation with business stakeholders.
Required Qualifications 7 to 10 years of combined information security risk, compliance, and governance experience Knowledge of and experience in utilizing various methodologies and frameworks (NIST, COBIT, COSO, ITIL, ISO 27001/27002 and 27018) Strong knowledge and understanding of SOX and IT General Controls.
Knowledge of SAP GRC and experience in auditing SAP systems preferred Working knowledge with a GRC tool like SimpleRisk, RSA Archer, Standard Fusion, etc.
Possess excellent written and oral communications skills.
Excellent analytical, problem-solving, interpersonal, teamwork and project management skills.
Be able to communicate effectively with resources at all levels of the organization.
Be able to work independently, meet deadlines, and drive for results.
Be able to think logically and independently and solve complex problems in their assigned area of responsibility.
Be able to apply the organization Values and support the 80/20 initiatives.
Education RequirementsBachelor's degree in IT (Information Technology), MIS, Accounting, Finance, Business Administration, related field, or equivalent experience.
TravelThis position may require up to 25% travel in certain circumstances.
Recommended Skills Analytical Attention To Detail Business Administration Business Informatics Cash Or Share Options Communication Apply to this job.
Think you're the perfect candidate? Apply on company site $('.
external-apply-email-saved').
on('click', function (event) window.
ExternalApply = window.
open('/interstitial?jobdid=j3n1r7649d9ym8c6pkz', 'ExternalApply-j3n1r7649d9ym8c6pkz'); ); Estimated Salary: $20 to $28 per hour based on qualifications.
This position will report to the Manager, InfoSec GRC, and will be responsible for ensuring that our organization complies with all relevant regulations and industry standards.
The role involves conducting risk assessments, developing compliance policies, maintaining risk registers, implementing procedures to mitigate potential risks and support IT Audits.
Key Responsibilities Manage the Risk and Compliance Program Assess and prioritize information security and cyber security risks across the organization.
Prepare remediation plans to ensure timely resolution of risks.
Facilitate compliance with regulatory requirements and information security policies.
Conduct comprehensive risk assessments to identify potential areas of concern within the organization.
Develop and implement compliance programs, policies, and procedures to safeguard against legal and regulatory risks.
Collaborate with internal teams to assess and enhance existing processes, ensuring adherence to compliance requirements.
Monitor and analyze changes in legislation and regulations, updating stakeholders on potential impacts to the organization.
Conduct internal audits to assess compliance levels and identify areas for improvement.
Provide guidance to staff on compliance-related matters and offer training programs to enhance awareness.
Prepare and submit regulatory reports and documentation as required by relevant authorities.
Collaborate with legal and other relevant departments to address compliance issues promptly.
Assist in the development of risk mitigation strategies and contingency plans.
Act as single point of contact for I.
T General Controls and Audit related topics for all regions and processes in scope Support Internal and External Audit teams for IT Audits and ensure remediation of Audit findings Improve Awareness and Training Provide subject matter expertise and guidance on IT / Infosec standards and policies to regional and local functions.
Provide on-going guidance on requirements and expectations to control and process owners.
Train the trainer and provide training to relevant staff.
Business Partnering Provide periodic review of risk postures to business leadership and all stakeholders.
Facilitate coordination and execution of risk remediation with business stakeholders.
Required Qualifications 7 to 10 years of combined information security risk, compliance, and governance experience Knowledge of and experience in utilizing various methodologies and frameworks (NIST, COBIT, COSO, ITIL, ISO 27001/27002 and 27018) Strong knowledge and understanding of SOX and IT General Controls.
Knowledge of SAP GRC and experience in auditing SAP systems preferred Working knowledge with a GRC tool like SimpleRisk, RSA Archer, Standard Fusion, etc.
Possess excellent written and oral communications skills.
Excellent analytical, problem-solving, interpersonal, teamwork and project management skills.
Be able to communicate effectively with resources at all levels of the organization.
Be able to work independently, meet deadlines, and drive for results.
Be able to think logically and independently and solve complex problems in their assigned area of responsibility.
Be able to apply the organization Values and support the 80/20 initiatives.
Education RequirementsBachelor's degree in IT (Information Technology), MIS, Accounting, Finance, Business Administration, related field, or equivalent experience.
TravelThis position may require up to 25% travel in certain circumstances.
Recommended Skills Analytical Attention To Detail Business Administration Business Informatics Cash Or Share Options Communication Apply to this job.
Think you're the perfect candidate? Apply on company site $('.
external-apply-email-saved').
on('click', function (event) window.
ExternalApply = window.
open('/interstitial?jobdid=j3n1r7649d9ym8c6pkz', 'ExternalApply-j3n1r7649d9ym8c6pkz'); ); Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
