What are the responsibilities and job description for the Governance Risk & Compliance Lead position at Flexon Technologies Inc.?
Job Details
Job Title: Governance Risk & Compliance Lead
Location: Cupertino, CA & Sunnyvale, CA (On-site)
Job Description:
GRC Lead 8 years of experience in IT Risk management Audit and compliance
Strong understanding of ISO 27K controls annexures and implementation strategies.
IT security assessment processes, including audit, vulnerability scanning, and security policy and standards review, emphasizing managing IT security policies and standards.
ISO 27001, NIST 800-53, experience to help in third party security risk assessment efforts.
Possess the verbal and written communication skills to work effectively with technical and non-technical personnel at various levels in the organization; ability to use standard English grammar and punctuation.
A strong sense of customer service and attention to detail.
Ability to work independently, setting goals and priorities.
ISO 27001 LA/ LI certification Bachelors Degree in related discipline (Computer Science, Information Security)
Technical Details:
Review of Supplier technical documentation
Demonstrated skill in establishing and maintaining cooperative working relationships.
Performing assessment on vendor documentation, review and analysis.
Identifying and measuring the risk associated with vendor security controls.
Documenting and keeping track of risks and recommendations based on the vendors lack of control
Co-ordinating and performing vendor reviews.
Knowledge of Cloud-based technologies such as IaaS and Saas solutions, emphasizing information security control and data protection requirements
Comprehension of the risks that exist in a business and security environment comprised of multiple global geographies and suppliers.
Minimum two years recent experience performing information systems audit or information security reviews
Experience performing security audits against published standards.
ISO 27001, NIST 800-53, experience to help in third party security risk assessment efforts.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
