Senior Governance Risk & Compliance (GRC) Solution Architect will ensure the integrity, confidentiality and availability of the client’s information via risk assessments, audits, controls testing, policy and procedure and compliance initiatives and operational duties. The successful candidate will support various GRC initiatives and work on a diverse set of security related tools and applications.

Essential Duties and Responsibilities:

• This role leads a unified function that embeds risk management, policy governance, and application security into daily business and development activities.

• Perform information security risk assessments and assess the control environment of the business processes and applications under review, including both manual and automated processes in accordance with the information security program.
• Create, analyze and develop risk assessment/audit reports and remediation plans resulting from the identification of risks and vulnerabilities discovered during audits/risk assessments.

Knowledge, Skills, and Abilities Required:

• Strong knowledge of Information Security domains, concepts and principals.
• Strong knowledge of local and global Information Security, privacy and compliance regulations.
• Strong knowledge of Information Security frameworks such as ISO 27000, NIST, COSO and COBIT.
• Hands-on experience with security tools such as DLP, SIEM, NAC, A/V and EDR, etc.
• Excellent documentation skills.
• Detail-oriented and able to meet tight deadlines.
• Excellent written, verbal and interpersonal skills.
• Highly motivated self-starter with an inquisitive personality.
• Desire and ability to learn new skills and concepts.

Education and Experience:

• Bachelor’s degree in related field or discipline.
• Minimum five years in Information Security environment.
• CISSP, CISA, GIAC and other Industry Certifications considered a plus.

Job Type: Full-time

Essential Duties and Responsibilities:

• This role leads a unified function that embeds risk management, policy governance, and application security into daily business and development activities.

• Perform information security risk assessments and assess the control environment of the business processes and applications under review, including both manual and automated processes in accordance with the information security program.
• Create, analyze and develop risk assessment/audit reports and remediation plans resulting from the identification of risks and vulnerabilities discovered during audits/risk assessments.

Education and Experience:

• Bachelor’s degree in related field or discipline.
• Minimum five years in Information Security environment.
• CISSP, CISA, GIAC and other Industry Certifications considered a plus.