Information Security GRC Specialist

Responsibilities

● Design and maintain processes, policies and related guidelines

● Conduct risk assessment on systems, processes, vendors and maintain a security maturity program

● Ensure remediation plans are implemented and carried out

● Lead our compliance operations, including ISO, SOC2 and PCI-DSS

● Develop, deliver and maintain an ongoing Information security & privacy awareness program

● Execute the Information security audit plan

● Operate and utilize GRC tools

● Support sales teams, enabling them to respond to customers and prospect questionnaires

Requirements

● At least 2 years of information security, risk management, privacy and compliance experience

● Knowledge of Privacy and information regulations and best practices such as: PCI-DSS, SOC2 and privacy laws

● Knowledge of risk assessment methodologies

● Experience in major risk assessment projects and activities

● Hands-on experience in building awareness programs, including evaluating effectiveness.

● Experience on assessment of existing security controls and defining new controls and solutions

● Knowledge of identity management best practices

● Ability to take proactive initiative given general direction

● Strong oral and written communications and presentation skills

·