DescriptionParticipate in efforts to develop appropriate policy, process, and technology to support the company’s GRC goals, secure its information technology assets, and provide for Disaster Recovery/Business Continuity (DR/BC) planning. Maintain, revise, and extend policy, process, and documentation as needed. Develop requirements and drive implementation, deployment, adoption, and refinement of technologies needed to support GRC objectives including Authentication, Authorization, and Accounting (AAA), Single Sign On (SSO), multi-factor authentication, Role Based Access Controls (RBACs), monitoring, audit, and, analysis tools, etc as needed. Participate in external and internal IT audits to deliver evidence and control documentation.
Familiarity in many technology areas across a broad-spectrum including networks, infrastructure, cloud and mobile as well as the concepts of information risk management. Solid knowledge of IT controls across all domains such as user access management, data retention, encryption, risk monitoring, secure development, and cloud security.
• ISACA Certification a plus
• 5+ years progressively more responsible experience in the IT field with a GRC focus
• Strong knowledge in the field of risk management and compliance to efficiently work on frameworks including related regulatory compliance requirements including NIST, COBIT 5, CIS Controls, ISO 27001, SOC1/2, PCI, GDPR, and CCPA
• Knowledge of, or experience working with, Cloud technologies/environments, including evaluating and implementing controls on Software a Service (SaaS) services
• Experience with compliance controls lifecycle including design, design consultation, effectiveness testing, ongoing monitoring, mapping to risks, policies & standards along with external obligations and change management
• Technical skills with substantial hands on experience including system/network analysis, design, procurement, administration, and operations
• Demonstrated ability to rapidly respond to changing needs of the business
• Excellent written and oral communication skills
• Excellent organizational skills
• High professional standards and desire to continue to develop skills and growth professionally
• Maturity and self-awareness both to recognize mistakes and take responsibility for them as well as to ask for help when needed
#XandrLife means we’re creating an incredible experience for our people, too. Let our employees show you what it’s really like to work here.See what it's like here