| Opening for IT GRC Manager Governance Risk, and Compliance only USC GC ONLY at Remote, Remote, USA |
| Email: [email protected] |
| From: jai, spear staffing [email protected] Reply to: [email protected] Position: IT GRC Manager -> GRC stands for (Governance, Risk, and Compliance) Client: MDRC Location: NYC lower Manhattan Hybrid: up to 3 days per week has the possibility of going remote but no guarantees Visa: No H1Bs/CPT This is a contract to hire so if you submit any C2C candidates they must be open to conversion to full time after 6-12 months TOP SKILL is FedRAMP experience for audits. If No FedRAMP, MUST have NIST 800-53 no exceptions. Want to see people in their current/recent role handling the audits in a similar capacity. Position Objective: The Governance, Risk Management, and Compliance (GRC) Manager is responsible for assessing, documenting, and maintaining stewardship of MDRCs compliance and risk posture related to information technology assets. This position aims to provide highly skilled technical and information security expertise for developing and implementing MDRCs information security risk management program. The GRC Manager provides leadership and project management expertise to ensure adherence to corporate standards, perform ongoing risk assessment, increase awareness through training, develop policies, standards, and guidelines, and ensure effective and continuous system-wide security analysis and monitoring is taking place. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may enable qualified individuals with disabilities to perform the essential functions unless this causes undue hardship to the organization. Essential Functions: Lead the development and implementation of the corporate-wide IT risk management program to ensure information security risks are identified and continuously monitored. Assess, evaluate, and make recommendations to senior management regarding the adequacy of the security controls for MDRC's information and technology systems and associated business processes. Develop and implement effective and reasonable policies, procedures, and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation. Execute strategy for dealing with increasing audits, compliance checks, and external assessment processes for internal/external auditors, such as NIST 800-53/FISMA/FedRAMP. Recruit, train, support, and retain talented IT GRC analysts. Educational Requirements: Bachelors degree in Computer Science, Information Technology, or other relevant field of study or equivalent experience in an information technology or business administration capacity. Masters degree preferred but not required. Skills and/or Experience Required: Extensive knowledge of the software and hardware systems utilized by MDRC. Extensive knowledge of information security risk frameworks and compliance practices such as NIST 800-53. Key Technologies: AWS Cloud Engineering, Splunk, Okta, Qualys, Crowdstrike, Qualtrics, Acquia, Box, and other cyber security solutions. Requires ten years of experience with IT support, operations, and team management. Excellent interpersonal, communication, and presentation skills, including formal report writing experience. Experience performing risk assessments and information security auditing processes. [email protected] Keywords: information technology Opening for IT GRC Manager Governance Risk, and Compliance only USC GC ONLY [email protected] |
| [email protected] View all |
| Sat Aug 24 01:45:00 UTC 2024 |