New Light Technologies is looking for a Governance Risk and Compliance Consultant. The Governance, Risk and Compliance (GRC) Officer shall provide support for revising internal security policies and standards, leading risk assessments and audits with stakeholders, creating and documenting internal processes to support GRC and participating in executing the cyber security awareness program as a member of a highly experienced security team.
The GRC Officer shall be responsible for the following, but not limited to:
- Prepare and edit security policy documentation incorporating input from Subject Matter Experts (SME)
- Management of compliance audits and coordination with internal external stakeholders
- Manage and execute the processes related to audits and assessments, refining processes as needed, and implementing general IT controls related to Information Security, Change Management and IT Operations
- Thorough understanding of PCI, HIPPA, FTI and other regulatory compliance requirements
- Develop and formalizing quality assurance review processes of all existing security policy, ensure consistency in review periods, and maintain a record of revisions regarding security policies
- Ability to interpret complex technical concepts and articulate the information in policy documentation,
- Provide liaison support for District-wide Information Security Officer (ISO) communications structure
- Assist with development of standard operating procedures for security operations team,
- Serve as Assistant Information Security Officer assisting in policy and communication strategy for GRC initiatives,
- Become an active participant in maintaining an information security awareness training program and assist in tracking and analyzing metrics for reporting.
No Submittals After: 07/18/2016