Date: 2024-11-26

We are hiring an information security professional specializing in governance, risk and compliance (GRC). The candidate must have in-depth GRC experience and have successfully operated information security and compliance processes in complex, regulated global organizations.

In this role you will deliver a set of GRC activities, including managing compliance programs and leading remediation to meet regulatory (SOX) and contractual (PCI-DSS) requirements, including:

Design and lead the delivery of compliance programs for specific areas of business.

Support the implementation of information security policies and the control framework.

Manage PCI-DSS compliance, the business audit program, and the relationship with the PCI QSA.

Enable compliance with regulatory requirements and required remediation (e.g. SOX, PCI-DSS, CCPA)

Support the delivery of business information security certifications (e.g. NIST CSF)

Monitor and report on effectiveness of information security policies.

Respond to observations identified by auditors, and assess and report on their impact to key collaborators.

In-depth knowledge of information security management frameworks (NIST-CSF, CCPA, PCI-DSS, CIS-CSC).

Solid understanding of the legal and regulatory landscape, audit and IT controls.

Good understanding of enterprise and operational risk management, risk governance and regulatory compliance.

Understanding and experience using GRC platforms.

Ability to manage and influence senior collaborators.

Ability to manage multiple projects simultaneously and meet demanding deadlines.

Superb communication and interpersonal skills, with the ability to collaborate with collaborators at all levels and influence outside of the management line.

Thinking and problem-solving skills - navigates through complex information, identifies root cause(s) and builds a plan.

Excellent initiative and follow-through skills – capacity to navigate through different non-ideal risk scenarios and propose sound plans to improve them; overcomes obstacles and drives problems to closure.

Ability to use technology, data, and insights to enable decision making.

CISM, CRISC, CISA, PCI-ISA or CISSP

Up to 10% travel should be expected with this role



This role is not eligible for relocation



This position is a hybrid of office/remote working



