Job Description
JOB DUTIES:
Key areas of accountability include collaborating with the GRC team in monitoring the compliance programs, and interfacing with process and control owners to obtain support and to assess and prepare documentation, ensuring the risk management program(s) are implemented appropriately.
Responsibilities include one or more of the following:
* Assist the GRC team with the compliance program. Act as the lead representative for IT on key internal control related matters (Compliance, Segregation of Duties, Policies and Procedures, design of controls in systems and process, and evaluation of risk)
* Assist in serving as GRC Specialist and GRC tool administrator. Administer periodic risk assessments, track issues/action plans and drive risk remediation activities to completion. Ensure GRC tool configuration is in line with IT Compliance requirements.
* Serve as team representative during regular weekly/monthly meetings and monitor ongoing IT projects as they arise, to ensure the GRC team is aware of all changes and that all requirements have been fulfilled prior to approval and implementation
* Perform regular re-performance of management tasks related to IAM provisioning, de-provisioning and periodic access review processes.
* Assist in coordinating/leading the exception request process and consult as needed
* Maintain accurate records and assist in coordinating response to client security and risk requests
Required Skills & Experience
* Position requires a bachelor's degree from an accredited college or university in management information systems (MIS), accounting, computer science, information technology, or related field or equivalent work experience.
* 2 or more years of a progressive career in risk management, controls-related experience
* Knowledge of IT Controls (Access Management, Change Management, Operations Management)
Nice to Have Skills & Experience
* Strong project management and prioritization skills. Ability to multitask as needed on various projects and initiatives.
* Excellent interpersonal, written, and oral communication skills and presentation skills
* Excellent problem-solving skills
* Proactive, positive, deliberate, and focused thinking
* Two or more years of experience managing timelines and being self-directed preferred
* Ideal candidate has worked with a GRC tool, has some experience with identity and access management (IAM) and has worked with business and IT functional areas to develop and implement mitigating controls.
* ISO27001, SOC-1/SOC-2 experience a plus
* Relevant experience with GRC Software (ServiceNow, Archer, AuditBoard, TeamMate, etc.) is a plus
* Relevant experience in IT Controls or IT Auditing with some background in segregation of duties
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.