Governance, Risk,

Governance, Risk, & Compliance Specialist

FusionNode Inc.

Full-Time

Posted 15 days ago

About Us:

FusionNode is a Managed Service Provider (MSP) company committed to safeguarding our clients' intellectual property and privacy. Our collaborative and innovative environment fosters excellence, making FusionNode a trusted name in cybersecurity.

Job Description:

The Governance, Risk, & Compliance Specialist provides expertise in the areas of Information Security policy development and maintenance, security training, phishing simulations, risk management and assessment, and security compliance frameworks to support global GRC initiatives across the enterprise. The ideal candidate has experience identifying cybersecurity best practices and recommending improvements to information systems and business processes to align with them, in addition to managing complex GRC initiatives and driving them to successful completion.

Responsibilities

• Develop and support information security governance policies, standards, and processes in collaboration with business and technical teams, and align them with business goals
• Prepare and deliver information security training, education, and awareness activities appropriate for target audiences.
• Evaluate effectiveness of information security controls and recommending remediation or control redesign guidance where necessary.
• Fine tune and drive adoption of an information security risk assessment framework and related processes; maintain Information Security risk registers and perform annual assessments.
• Maintain knowledge of FTC Safeguards, PCI DSS, ISO 27001, and NIST CSF and ensure organizational compliance.
• Partner with business leaders to gain a deeper understanding of their needs and provide solutions that meet their goals and objectives while aligning with security best practices and policy.
• Maintain working knowledge of data privacy laws and regulations.
• Perform other duties, as assigned.

Qualifications

• Education: Bachelor; Computer Science, Information Systems, InformationTechnology, Software Engineering
• Years of Experience: 3+ years
• Proficiency in using GRC tools and software to streamline and automate risk and compliance processes (i.e., AuditBoard)
• Skilled in audit management and experience liaising with third party auditors
• Able to work in a complex, global environment, actively and effectively managing relationships with other business units and stakeholders
• Skilled in communicating technical requirements with non-technical stakeholders.
• Excellent oral and written communication skills.
• Excellent problem solving and analytical skills.
• Strong time management skills, including effective responsibility prioritization.
• Strong analytical and problem-solving skills to identify and assess security risks and develop appropriate mitigation strategies.
• Familiarity with relevant industry regulations and compliance requirements such as GDPR, PCI-DSS, CCPA, SOX, etc.
• Familiarity with various cybersecurity frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS Controls, etc.
• Experience in technical Information Security roles a plus
• Strong understanding of cybersecurity principles, best practices, and industry standards
• In-depth knowledge of governance, risk management, and compliance principles and practices
• Ability to develop and implement risk assessment methodologies and compliance programs
• Ability to successfully influence stakeholders in support of shared goals

Apply directly through our online form. We'll review your application and get back to you soon. Please allow at least 2-3 days for us to process your application.