IT GRC (Controls)

Job Description

Key Responsibilities: Governance & Risk Management : Overseeing technology-driven processes, managing risks, and ensuring compliance within the organization. Risk & Control Assessments : Working closely with management to identify, assess, and monitor risks and controls related to technology and security. Collaboration : Collaborating with process owners to create risk and control matrices, process narratives, and flowcharts. Control Effectiveness : Assessing the design and operating effectiveness of technology-related processes and controls. Self-Assessments & Audits : Conducting reviews of Risk and Control Self-Assessments (RCSAs) and supporting audits. Project Management : Overseeing project status, identifying risks and roadblocks, and ensuring project alignment with management and audit requirements. Regulatory Compliance : Advising management on regulatory compliance, especially regarding security and technology issues. Team Development : Providing feedback to team members and helping them with growth opportunities. Time Management : Balancing competing priorities to keep projects on track. Skills & Qualifications: Educational Background : Bachelor's degree in Information Systems, Computer Science, or related field. Experience : Minimum of 3-5 years in operations and technology governance, risk management, compliance, and audit. Compliance Frameworks Knowledge : Familiarity with standards such as COBIT, NIST, GLBA, SOX, PCI, ISO27001. Certifications : Professional certifications such as CPA, CIA, CISA, CISM, or CISSP preferred. Risk Management Expertise : Proficiency in risk management tools and methodologies. Communication Skills : Ability to communicate complex issues clearly and effectively. Project Management Tools : Experience with tools like ServiceNow, Predict360, Jira, and Microsoft Office tools (Word, Excel, PowerPoint, Visio). Collaboration & Independence : Ability to work well both independently and as part of a team. Audit Experience : Experience with regulatory exams, SOX compliance, and internal/external audits. Attention to Detail : Strong organizational and prioritization skills. Soft Skills: Strong communication and writing skills. Demonstrated ability to build relationships with senior management. Ability to manage multiple projects simultaneously.