Job Title: Governance, Risk, and Compliance (GRC) Specialist
Location: Remote (United States)
Type: Full-Time / Contract

 
About Us: 
Security Overview is a leading technology company specializing in Cybersecurity and DevSecOps solutions. We are dedicated to delivering cutting-edge security solutions to our clients and are at the forefront of the industry. As we continue to grow, we are seeking a dynamic and driven GRC Specialist to join our team. 

 
Job Description: 
As a GRC Specialist within our dynamic cybersecurity team, you'll play a vital role in ensuring our organization maintains the highest standards of governance, risk management, and compliance. You'll be responsible for a wide range of tasks, from conducting risk assessments and designing controls to managing compliance documentation and reporting. You'll work closely with various stakeholders, internally and with client organizations, including cybersecurity analysts, IT professionals, and senior management.
 

Responsibilities: 

  • Governance:

    • Develop and implement GRC policies, procedures, and frameworks aligned with industry best practices and relevant regulatory requirements.

    • Manage and maintain the security controls library, ensuring it's up-to-date and accurate.

    • Conduct regular risk assessments to identify and prioritize potential threats and vulnerabilities.

    • Design and implement effective controls to mitigate identified risks.

    • Develop and maintain a comprehensive risk register, tracking all identified risks and their mitigation strategies.

  • Compliance:

    • Identify and analyze relevant compliance regulations and standards applicable to the organization's cybersecurity posture.

    • Develop and implement compliance plans and programs to ensure adherence to all applicable regulations.

    • Conduct regular compliance audits and assessments, identifying and addressing any gaps or non-conformities.

    • Prepare and submit compliance reports to internal and external stakeholders.

    • Stay updated on changes in the regulatory landscape and adapt compliance programs accordingly.

  • Reporting:

    • Develop and maintain comprehensive GRC reports, dashboards, and presentations for senior management and other stakeholders.

    • Communicate complex GRC information effectively to a diverse audience.

    • Analyze GRC data and trends to identify areas for improvement and inform strategic decision-making.

  • Collaboration:

    • Work closely with other security team members, IT professionals, client stakeholders, and business units to ensure effective implementation of GRC initiatives.

    • Participate in cross-functional projects related to cybersecurity governance, risk management, and compliance.

    • Foster a culture of security awareness and compliance throughout the organization.

 

Requirements: 

  • Willingness to work 40+ hours per week and take ownership of tasks. 

  • Minimum 1-3 years of experience in a GRC role within the cybersecurity domain.

  • Proven experience in developing and implementing GRC policies, procedures, and frameworks.

  • Strong understanding of relevant cybersecurity frameworks (CIS, NIST, SOC 2, etc.) and compliance regulations (PCI DSS, GDPR, etc.).

  • Excellent analytical and problem-solving skills.

  • Strong communication and report-writing skills.

  • Ability to work independently and as part of a team.

  • Proficient in GRC software tools and technologies (e.g., SecureFrame, Drata, Cyrisma, etc.).

 

Benefits: 

  • Competitive pay and benefits.

  • Opportunity to work with cutting-edge cybersecurity technologies.

  • Be part of a team dedicated to protecting businesses from evolving cyber threats.

  • Continuous learning and development opportunities. 

     

How to Apply: 
If you are passionate about cybersecurity and want to be part of a dynamic team at Security Overview, we encourage you to apply today! Please submit your resume detailing your qualifications and interest in the position to: careers@securityoverview.com
 

At Security Overview, we are committed to providing equal employment opportunities to all qualified individuals. We welcome applications from candidates of all backgrounds and experiences. 
 

Join us in our mission to safeguard innovation in the digital world!