Grc Associate Jobs

3+ years of experience working in a global IT service environment with Vendor management experience.

Working knowledge of Risk Management standards and frameworks (NIST, ISO, COSO, PCI, etc).

Experience working with the legal team and other stakeholders, review and approve MSAs and contracts.

Experienced in using GRC tools (OneTrust, Resolver, Tugboat, ServiceNow, Archer, etc).

Possess or working towards professional certifications (CIA, CISA, CISM) and understanding of IT controls, IT Security and COBIT.

nos équipes internes basées en France et au Canada

· Audit, conformité, gestion des risques, sécurité de l'information ou autre expérience pertinente ;

· Le souci du détail et capacité avérée à mener des projets à terme ;

· La capacité à comprendre et à communiquer des problèmes techniques à des équipes non techniques ;

Missions· Soutenir les activités de conformité des équipes de sécurité et d'ingénierie ;

· Participer activement aux activités d'audit de sécurité et de remédiation ;

Effective organization, follow-up and time management skills.

Previous experience in risk management is a plus

Demonstrated ability to apply IS/IT-related knowledge and experience in solving complex cyber security problems.

Bachelor’s degree in the field of Computer Science, Information Technology, Information Security, or related vocations and/or equivalent education/experience.

Share knowledge with the team members.

5+ years of experience in implementing and supporting enterprise security/ information security / compliance / IT Audit role.

Various experience and knowledge of IT Governance, Risk and Compliance processes and tools.

Undergraduate/Graduate degree in Management Information Systems, Business, or other relevant degree

Minimum of 5 years Technology Risk and GRC experience.

Experience in IT Audit/Assurance and SOX control testing, either as part of internal audit teams or Big 4 consulting

Experience in managing IT Disaster Recovery (Governance) activities.

Experience in developing, implementing, and managing new IT governance processes.

Continuously review internal, external, and regulatory requirements and follow up to ensure company awareness and alignment

Coordinate and track compliance requirements on an ongoing basis to include evidence gathering and timely reporting

Customer service and collaboration skills

Creative problem-solving and critical thinking abilities

Excellent interpersonal, communication, and presentation skills

1 - 3 years of relevant work experience

Seek industry trends and organization knowledge to understand and implement effective risk management practices.

10+ years of information security experience in risk management and information security

Excellent interpersonal, communication, and presentation skills applicable to a wide audience including senior and executive management

Continuously improve quality of the issue management process and data.

Familiarity with Risk Management Frameworks (ISO 27005, NIST 800-30/39 or ISF IRAM2 )

Post-secondary education in Computer Science or related field, or equivalent work experience

Élaborer et mettre en œuvre des politiques et des directives de sécurité des TI

Conseiller et recommander des options, des orientations et des obligations en matière de sécurité de l’information dans les projets

Assurer une veille pour être en mesure de réviser des politiques et des directives en place

Réaliser les analyses de risque et évaluer les aspects reliés à la sécurité.

Établir la politique de sécurité du système d’information, des études et des projets associés

Être une source de reporting, effectuer de la veille ainsi que de la sensibilisation auprès des différents collaborateurs

Continuously review internal, external, and regulatory requirements and follow up to ensure company awareness and alignment

Coordinate and track compliance requirements on an ongoing basis to includ e evidence gathering and timely reporting

Customer service and collaboration skills

Creative problem-solving and critical thinking abilities

Excellent interpersonal, communication, and presentation skills

1 - 3 years of relevant work experience

Proven experience in a client-facing information security consultancy, or strong in-house security management experience.

Conducting remote and onsite audits and control validation

5+ years compliance experience in Data Protection, Cyber Security or Information Security

Experience delivering client-facing services in industry related organisations

Experience successfully organising and managing a portfolio of clients to ensure deadlines are achieved

Relevant industry certifications such as CISMP, Security +, CISSP, CISM and ISO Auditor

Prior co-op or internship experience working in internal audit or financial reporting roles preferred

Experience working with audit and compliance tools (e.g. Auditboard) would be preferred

Critical thinking and strong analytical skills to evaluate areas of risks and develop appropriate solutions

IT audit experience, including preliminary understanding of control environments and security concepts preferred

Excellent communication skills and be able to present confidently to various key stakeholders across the company

Be able to work independently in a remote setting and effectively prioritize multiple tasks with competing deadline