RSA Archer Governance, Risk and Compliance (GRC) Architect

Role: RSA Archer Governance, Risk and Compliance (GRC) Architect

Location: Albany, New York

Duration: 12 Months

Location: Albany – Hybrid - The client currently requires staff to be onsite 3 days a week. Resource should be prepared to be onsite 100% if client requests.

Travel: 10%, could include overnight stays. Travel expenses will not be paid by the client.

Description

As a Governance, Risk and Compliance (GRC) Solution Engineer, you will collaborate and support the integration of an industry leading GRC solution to assist clients in managing risks, ensuring compliance with regulations and internal policies, and improving risk management practices. The ideal candidate will have knowledge the RSA Archer platform as well as of risk management, security and privacy practices, and be an effective written and verbal communicator.

Serving as a GRC Solution Engineer, your day-to-day role will include working with a team to advance a modern GRC solution that will be the foundation of GRC service offerings for stakeholders across NYS.

Duties

1. Day-to-day technical administration of RSA Archer platform.
2. Alignment of service offering business needs with platform configurations and capabilities.
3. Managing upgrades and patching across RSA Archer environments.
4. Working with business units to determine requirements and maintain RSA Archer procedures and documentation.
5. Creation and maintenance of RSA Archer dashboards and reports.
6. Prototyping workflows in RSA Archer risk management system.
7. Evaluation of customer workflows and processes for use with RSA Archer.
8. Conducting risk assessments.
9. Monitoring compliance programs.

Mandatory Requirements

1. Experience (15 Years)

Required Qualifications:

1. Familiarity with security and compliance, internal controls, ERM, and audit assessments processes with focus on NIST 800-53, GAO Green Book.
2. Extensive experience with RSA Archer GRC processes and configuration, including application design, workflow creation, data mapping, custom fields, reporting, and dashboard development.
3. Knowledge of creating and managing data feeds for data import/export from various sources.
4. Experience with system integration using APIs, Web Services, scripting, and database management (SQL).
5. Experience with assessing and analyzing business requirements, current environment and GRC technology choices to produce technical solutions and/or solution alternatives that meet business needs
6. Excellent communication skills to work with stakeholders at all levels, gather requirements, and present technical information clearly.
7. Proven track record of delivering RSA Archer projects on time and within GRC standards.
8. Experience in configuring the Cross-field functionality to associate the records within the same applications or other applications and questionnaires

Preferred/Desired Qualifications:

1. Archer Certified Specialist or Archer Certified Expert certifications are highly desirable.
2. Experience with the following applications in RSA Archer: Issues Management, Policy Program, Privacy Program, Bottom-Up Risk Assessment, Top-Down Risk Assessment, Self-Assessment Management, IT Controls Assurance, IT Risk Management, Data Governance, Loss Event Management and Key Indicator Management.

Required Education and Experience:

1. A bachelor's degree in cybersecurity or similar discipline.
2. At least 10 years of relevant experience, including a minimum of 2 years of supervisory experience.
3. At least 5 years of experience using Archer software in a development role.
4. At least 2 years of experience implementing Archer solution in a federal or state agency.
5. At least 5 years of experience configuring RSA Archer modules, creating applications, dashboards, reports and workflows.
6. A combination of education and experience will be considered.