Governance, Regulatory, Compliance (GRC) Cybersecurity Specialist
Estimated Pay | $19 per hour |
---|---|
Hours | Full-time, Part-time |
Location | Lapeer, Michigan |
About this job
Job Description
Position Overview:
We are seeking a highly skilled and experienced professional to fill the role of Governance, Regulatory, Compliance (GRC) Cybersecurity Specialist. The successful candidate will play a critical role in ensuring our organization's adherence to relevant cybersecurity laws, regulations, and industry standards. This position requires a deep understanding of cybersecurity governance frameworks, risk management, and compliance processes.
Responsibilities:
· Governance:
o Develop and implement cybersecurity governance frameworks to ensure alignment with organizational goals and objectives.
o Establish and maintain cybersecurity policies, standards, and procedures in accordance with industry best practices.
o Collaborate with executive leadership to communicate and enforce cybersecurity governance principles throughout the organization.
· Regulatory Compliance:
o Stay abreast of current and emerging cybersecurity regulations and standards applicable to the organization.
o Conduct regular assessments to ensure compliance with relevant cybersecurity laws and industry regulations, including PCI DSS, SOX and SOC2 requirements, and others as needed.
o Work closely with legal, compliance and internal audit teams to interpret and address regulatory requirements.
· Risk Management:
o Conduct risk assessments to identify and prioritize cybersecurity risks.
o Develop and implement risk mitigation strategies and action plans.
o Monitor and report on the effectiveness of risk management programs.
· Compliance Monitoring:
o Establish and maintain a compliance monitoring program to track adherence to cybersecurity policies and procedures.
o Support internal teams to conduct regular internal audits to assess compliance with established security controls.
o Provide reports and metrics to executive leadership and parent company on compliance status.
· Incident Response and Reporting:
o Collaborate with incident response teams to ensure timely and effective response to cybersecurity incidents.
o Support the legal team in the preparation and submission of reports to regulatory bodies as required in the event of a cybersecurity incident.
Qualifications:
· Bachelor's degree in Cybersecurity, Information Technology, or a related field. Master's degree is a plus.
· Certified Information Systems Security Professional (CISSP) or equivalent certification is required.
· Proven experience in cybersecurity governance, risk management, and compliance.
· In-depth knowledge of relevant cybersecurity laws, regulations, and industry standards.
· Strong analytical and problem-solving skills.
· Excellent communication and interpersonal skills.
· Ability to collaborate with cross-functional teams and work effectively in a dynamic environment.
Preferred Skills:
· Certified in Risk and Information Systems Control (CRISC) or Certified in the Governance of Enterprise IT (CGEIT).
· Experience with cybersecurity frameworks such as NIST Cybersecurity Framework, ISO 27001, or CIS Controls.
· Familiarity with security technologies and tools.
provide the recruiting and staffing expertise that meets and surpasses the quality requirements and expectations of our customer.