This role will report to the Manager of Technical Services Delivery – Governance, Risk and Compliance (GRC) within the Stratascale department.
To learn more about Stratascale visit our website: https://stratascale.com/
Responsibilities:
- Responsible for leading, developing and facilitating vendor due-diligence processes and helping define overall third-party risk management Cybersecurity efforts
- Design third-party risk assessment workflows based on customer organizational structure and business requirements
- Configure and manage workflows, risk registers, exceptions management processes, reports, and notifications within Governance, Risk, and Compliance (GRC) platforms
- Educate customers and mentor fellow team members on GRC and IRM best practices
- Own the tracking and reporting of organizational risk and compliance metrics to customers
- Assess, document, and report on the compliance and risk posture of information assets for Stratascale and its customers
- Lead internal and external audit processes for relevant compliance
- Design and partner with various business units to ensure controls are adequate, appropriate, and effective
- Design definitions of security standards and development of organizational policies and procedures
- Develop customer information security compliance programs, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations
- Develop strategies to address awareness and training for all stakeholders as well as technical solutions
- Stay informed on current and emerging regulatory and compliance trends and initiatives
- Minimum 10+ years client-facing experience working in complex, demanding environments
- Bachelor’s degree or equivalent combination of education and experience
- Experience leading, developing, and facilitating compliance and validation activities for third party risk management
- Experience with IT governance, risk, and compliance management in a complex global environment
- Familiarity with security frameworks
- Team player with a strong work ethic and attention to detail
- Excellent written, verbal, and consultative skills (e.g., professionalism, collaboration, negotiation, conflict resolution, quick learner, etc.)
- Good interpersonal skills that demonstrate the ability to communicate with both technical and non-technical personnel in cross-functional teams to influence decision making
- Strong process and data analysis skills with the ability to communicate systems concepts in a meaningful business context
- Proficiency with Microsoft Office Suite (e.g., Word, Excel, PowerPoint, Visio)
- Willingness to obtain Industry certifications (e.g., CTPRP, CISSP, CISM, CRISC, CIPP, CISA)
- Experience with one or more of the following: TruOps, Prevalent, ServiceNow GRC, Microsoft Compliance Manager and Microsoft Purview, and/or other relevant GRC, Privacy, and/or Third Party Risk Management technologies
- Familiarity with third party risk management processes and frameworks
- Strong understanding of fundamental information security concepts and technology
- Ability to develop security standards and guidelines based on best practices and industry standards
- Experience in a Security Consultant role with responsibility for facilitating meetings to define / compile business requirements and developing functional / technical documentation, in a client environment
- Experience working on systems implementation projects with COTS / 3rd party software, including configuration and testing activities
- Experience with Big 4 consulting firms, or other global system integrators a plus
- Attend virtual customer meetings when appropriate
- Travel to customer sites, partner sites, conferences, and Stratascale offices up to 20% annually
- The estimated annual pay range for this position is $165,000 - $240,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending.
- Equal Employment Opportunity – M/F/Disability/Protected Veteran Status