GRC Cyber Risk Compliance

Hi,

We have immediate position on

Role: GRC Cyber Risk Compliance

Location: Houston, TX (Onsite)

Job Description:

Digital Technical Risk

• Operate the IT Secure By Design process within the region Perform Cyber Security Assessment reviews and consultations
• Perform IT Cyber Critical Control Pre-Implementation Change reviews and consultations
• Produce or collaborate with Digital Engineering on publishing reusable Cyber Pre-Approved patterns, reference architectures, templates. guides
• Support the development of Attack/Threat Model for IT applications. systems, environments and solutions.

Cybersecurity IT Control Assurance

• Perform proactive assurance assessments of the state of IT Control Health.
• Third Party Cyber Security Risk Management (TPCRM)
• execute TPCRM process
• Support and consult on 3* Party cybersecurity risk management within the region
• Perform vendor impact assessments
• Evaluate and manage critical vendors cybersecurity risk to Woodside

Human Risk

• Support an effective Insider Risk Management program
• Operate an effective Security Awareness Program
• Support Cyber Defense in communicating Cyber Alerts to harden the human attack surface
• Work with Cyber Defense and Digital Engineering to address any high risk behavior
• Support training and awareness content creation.
• Support eDiscovery efforts as needed

Cybersecurity Regulation and Compliance

• Support annual C2M2 Assessments
• Monitor the regional reguletory landscape and ensure new incoming reguletory obligations and identified and responded to
• Ensure all regulatory obligations are registered for monitoring and upkeep Ensure annual regulatory reporting are delivered on time g.9, SEC, AEMO
• Produce and publish a regional cyber risk report to all asset stakeholders.