Job Summary:
We are seeking an experienced GRC Specialist to join our team and assist in the implementation of strong governance, risk management, and compliance practices. The ideal candidate will have at least 5 years of GRC experience as well as an in-depth grasp of industry legislation and best practices. The GRC Specialist will be responsible for developing and executing risk mitigation strategies, policies, and procedures, as well as ensuring compliance with applicable laws and regulations and the maintenance of a strong governance structure.
As a GRC Specialist, you will help the organization succeed by implementing robust governance, risk management, and compliance practices.
Responsibilities:
1. Develop and implement a comprehensive GRC framework that aligns with the organization's goals, objectives, and legal requirements.
2. Conduct risk assessments to identify potential risks and vulnerabilities in the operations, systems, and processes of the company.
3. Develop and implement frameworks, controls, and risk mitigation approaches to address identified risks and ensure business continuity.
4. Evaluate the effectiveness of present controls and processes, identify areas for improvement, and recommend corrective actions.
5. Ensure that the organization is aware of industry norms, standards, and best practices for governance, risk management, and compliance, and that they are followed.
6. Create and administer compliance programs, regulations, and procedures with cross-functional teams.
7. Conduct compliance audits and assessments to verify compliance with business policies, industry standards, and regulatory responsibilities.
8. Coordinate with external auditors and regulatory agencies throughout audits and investigations to ensure fast responses and resolution of identified problems.
9. Create reports and presentations for management and stakeholders that highlight key risks, compliance status, and ideas for improvement.
Qualifications:
1. A minimum of 5 years' experience in GRC, risk management, compliance, or a related field is needed.
2. Solid grasp of governance, risk management, and compliance concepts, frameworks, and best practices.
3. Understanding of relevant regulations and standards, such as ISO 31000, ISO 27001, ISO 27017, ISO 27018, ISO 31700, the NIST Cybersecurity Framework, GDPR, or industry-specific requirements.
4. Previous experience developing and implementing an ISMS framework, GRC strategies, policies, and procedures is necessary.
5. Strong analytical skills, as well as the ability to assess complex risks and develop effective risk mitigation strategies.
6. Extensive understanding of internal control structures and risk assessment techniques.
7. Excellent communication and interpersonal skills are essential to effectively connect with stakeholders at all levels of the organization.
8. Ability to work independently and handle many tasks at once, prioritizing work to meet deadlines.
9. Certifications such as Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), CISSP, ISO 27001 Lead Implementer, or a data privacy certification are sought.
Interested candidates should send their CVs to Jmalek (@) Net-recrute.com