Risk Management
- Identify, assess, and prioritize risks that may impact organizational, operational, financial, and reputational objectives.
- Develop, implement, and monitor risk-mitigation strategies and internal controls to reduce exposure.
Compliance Oversight
- Ensure adherence to all relevant laws, regulations, internal policies, and industry standards.
- Investigate, document, and resolve compliance issues promptly.
- Remain up to date on GRC, security, and privacy developments, including regulatory changes and emerging best practices.
- Support compliance with key regulatory frameworks such as data protection, export control, and labor laws.
Cross-Functional Collaboration
- Partner with internal stakeholders to promote an integrated and proactive approach to governance, risk, and compliance.
- Foster GRC awareness across departments and encourage a culture of accountability.
Audit & Control Management
- Coordinate and support internal and external audits, ensuring teams are fully prepared and responsive.
- Develop and execute audit plans, enterprise risk assessments, and control evaluations.
- Produce clear, concise reports on GRC activities, findings, and overall compliance posture.
Requirements
Education & Experience
- Bachelor’s degree in business, law, security, or a related discipline.
- 5+ years of experience in GRC, risk management, compliance, or a similar field.
Technical Skills
- Hands-on experience with GRC tools and platforms (e.g., RSA Archer, BitSight, or similar solutions).
- Strong understanding of GRC principles, frameworks, and methodologies.
- Knowledge of compliance standards such as SOC 2, ISO 27001, GDPR, SOX, and NIST CSF.
Professional Skills
- Excellent analytical, investigative, and problem-solving abilities.
- Strong communication and presentation skills, with the ability to effectively collaborate across teams.
- High attention to detail, accuracy, and the ability to work both independently and in a team-oriented environment.
