Remote GRC Consultant
Job#: 1349447
Job Description:
Risk Analyst
100% Remote
6 month contract to hire
Qualifications:
- Technology, risk management, business continuity and disaster recovery, compliance or audit background
- Must have extensive experience with 3rd Party Risk and Internal Risk Management in Financial Services industry
- Internal controls experience
- Proficiency in one or more GRC systems including Archer, RiskVision, RSAM, ServiceNow or equivalent
- SOC 1 & 2, NIST and ISO framework experience nice to have
- Certification(s): CISSP, CISM, CRISC, CISA, ABCP or other BCP/DR equivalent
Additional Qualifications:
- Excellent time management and analytical skills
- Effective written and verbal communication skills at all levels of the organization
- Strong project management skills with preference for candidate with excellent Excel and PowerPoint skills
- Team and task oriented
- Attention to detail with the ability to multi-task
- Self-motivated & deadline driven
- Awareness of the importance of timing, politics and group processes in managing change
Description:
· Define, implement and communicate Information Security Risk Services
· Leads/Manages Information Security Risk Program Maturity through Identification, Analysis, Recommendation, Disposition and Validation efforts
· Partnering with key technology and global organization stakeholders, develops and assists with cyber security strategy, roadmaps and projects to continue long term cyber security resiliency through program maturity
· Reviews strategy, roadmap and business plan objectives in association with budget and risk tolerances to provide insight, direction and support of business drivers. Seeks opportunities to improve risk posture of organization
· Leads activities to embed defined security strategy and roadmap initiatives in support of global and business specific strategies
· Completes research, development and implementation of moderate to complex information security initiatives; including review of policy, program, process, and technology improvements and solutions to ensure they are current and meet business needs
· Works closely with governance and compliance peers to maintain relevance on trending legislation, regulatory affairs and evolving risk
· Organizes and maintains certain procedural tasks found within control self-assessments, such as reviewing, analyzing and challenging critical assets, associated ratings and security decisions with risk owners, recommending and supervising business department completion of action plans
· Organizes and maintains certain procedural tasks found within third party assessments, such as working with third party to obtain due-diligence artifacts, reviewing and analyzing due-diligence artifacts, reviewing and challenging results, recommending and discussing outcomes with key stakeholders
· Tracks current and impending laws, regulations and industry requirements and best practices, such as data protection, data privacy, cyber security and information security. Translates requirements into practical mitigation solutions, and coordinates improvement plans
· Gathers data, builds, analyzes and reviews reports/dashboards on key risk management metrics with program stakeholders
· Meets Key Performance Indicators/metrics for IT Service Management
· Assists with requirements and coordinates improvement plans
· Possesses and applies broad knowledge of concepts and principles; exhibits technical expertise in a specific area; seen as a thought leader
· Works with minimal instruction or guidance for moderately difficult assignments with diverse scope and complexity; able to creatively and pragmatically solve complex problems with initiative and decisiveness
· Ability to quickly develop excellent working relationships with peers and key stakeholders, such as business partners, legal, internal audit, risk, and technology specialists
· Conforms with and abides by all regulations, policies, work procedures, instruction and all safety rules
· Exhibits regular, reliable, punctual and predictable attendance
· Identifies opportunities for process improvement including the development and implementation of best practices and continuous improvement initiatives for the business unit
· Other duties as assigned based on department and organizational needs.
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or 844-463-6178.
Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.