New role - GRC & Application Security Advisor - Houston, TX at Houston, Texas, USA |
Email: [email protected] |
Hello!

We are seeking to hire a GRC & Application Security Advisor in Houston, TX. This position is preferred to be based in Bartlesville, Oklahoma or Houston, Texas, but could be remote.

Assignment Scope:

Working in the nxtgenERP Security, Controls and GRC team, we establish a single view of risk and controls across the functions, leveraging our guiding principles to drive an integrated solution for the nxtgenERP program and sustainability. We are changing many of our processes with the new systems. This is an opportunity to influence the way the company will do its work for decades to come and ensure that our nxtgenERP applications are managed securely.

We are seeking a skilled and motivated advisor to evaluate IT General Controls (ITGCs), consult on risks and remediation, assist with the completion of risk assessments, and manage exceptions. The ideal candidate will exhibit strategic thinking coupled with hands-on execution. They will be accountable for coordinating and/or executing, as part of a team, controls in IT applications. This will help uphold compliance with ConocoPhillips security policies and expectations. Requires a background in IT Audit or IT Security Risk Management.

Your responsibilities may include:

- Collaborate closely with IT application support, architecture, and security teams to understand security control requirements and ensure they are effectively implemented.
- Establish clear communication channels with key stakeholders, including application owners, application analysts, and other stakeholders.
- Analyze and recommend process improvements to implement effective and sustainable IT controls.
- Coordinate the closure of any security gaps and ensure the implementation of effective mitigating controls.
- Support a comprehensive testing strategy around IT controls.
- Coordinate and work effectively with internal and external auditors to help application teams respond accurately to audits.
- Coordinate the submission of new IT Risk Assessments and track the future renewals through the end of the program.
- Assist with the creation of mitigating controls and any IT policy exceptions required, and track the renewals of exceptions through the end of the program.
- Prepare for system go-lives by ensuring security requirements are accurately implemented.
- Provide coordination support during the go-live phase to address any security-related issues promptly.
- Understand and interpret the Anchored Agility principles followed for nxtgenERP implementation across all phases of the project.
- Develop a comprehensive plan outlining tasks, timelines, resources, and milestones.
- Maintain accurate controls documentation, including plans, status reports, and issue logs.
- Monitor security and controls gaps to resolution.
- Willingness to take on new tasks related to the SCG team's needs as conditions change.
- Prioritize effectively across competing priorities.
- Generate regular progress reports and key metrics for stakeholders and senior management.

Basic/Required:

- Bachelor's degree or higher in Business, Technology, or another related field from an accredited college/university, or at least five years of related work experience.
- Requires a background in IT Audit or IT Security Risk Management.
- Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams.
- Ability to manage multiple tasks and priorities in a dynamic environment.

Preferred:

- Proven experience securely managing applications.
- Strong understanding of security best practices, application security, and governance around applications.
- Relevant experience implementing and/or auditing modern ERP packages (SAP, Oracle, Workday).
- Familiarity with SOX controls.
- Demonstrated ability to inspire and drive change.
- Ability to apply consultative skills in a business environment.
- Facilitation and presentation skills with the ability to gain the confidence and trust of stakeholders.
- Experience influencing across different organizations, time zones, fields, geographies, and leadership/staff levels.
- Experience working with auditors and responding to audits (internal and/or external).
- Willingness and ability to learn new concepts and business practices.
- Willingness to travel to any BU as required (approximately 10%).
- Strict ethics adherence and respect for confidentiality.
- CISA or other similar certifications are a plus.

Thank you,
With Best Regards
Nirupama
Talent Acquisitions Specialist
Epic Systems, Inc : [email protected]
www.epicinfotech.com
Contract Vehicles: GSA IT Schedule-70, 8(A) and SWaM
Certifications: CMMIDEV/3, ISO 9001:2015

Keywords: information technology golang Texas
Tue Aug 06 19:53:00 UTC 2024 |