iHerb is hiring a
GRC Program Specialist
iHerb
π΅ $115k-$184k
πRemote - United States of America
Please let iHerb know you found this job on JobsCollider. Thanks! π
Summary
Join our team as a GRC Program Specialist and support the security direction of the business, elevating the company's security posture. The ideal candidate is technical with at least three or more years of experience in security, compliance, or risk management.
Responsibilities
- Assist in periodic re-validation of our Top Risks and drive improvements for risk reduction
- Assist with the implementation and operation of Governance Risk and Compliance (GRC) tooling to further improve and automate our GRC processes and policies
- Maintain oversight in a GRC-related platform
- Identify strengths and weaknesses in the security program as they relate to privacy, security, business resiliency and compliance frameworks
- Document, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation
- Maintain strong oversight of third parties, vendors, and business partners to safeguard against undue risk presented by external entities. Escalating to security management and business unit leads when points of weakness are discovered
- Analyze findings, and document, recommend and report program gaps to security leadership
- Monitor current and proposed security changes impacting regulatory, privacy and security industry best practice guidance. Apply GRC expertise across key lines of business, including products, practices, and procedures
- Define qualitative and quantitative metrics to assess the success of the security program and provide regular reports to security and business leadership
- Ensure security and technology teams maintain up-to-date configuration documentation for systems and processes. Maintain rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts
- Function as a key participant in incident response to track occurrence and resolution, with strict documentation and reporting
- Help support various parts of the company to adopt a common risk and control framework
- Assist with all ongoing compliance activities related to the implementation, maintenance, monitoring, and continuous improvement of the Information Security Management System (ISMS)
- Evaluate the effectiveness of information security controls and performance by developing, monitoring, gathering, and analyzing information security and compliance metrics for management
- Advise and collaborate with SMEs, including Audit & Compliance teams, to ensure adequate security controls are in place to manage risk and are aligned with leading best practices
- Perform security policy and standard gap analysis, propose and draft documents and changes
Share this job:
Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.
Similar Jobs
- π°~$120k-$180kπWorldwide
- π°~$105k-$115kπMexico
- π°~$105k-$115kπMexico
Please let iHerb know you found this job on JobsCollider. Thanks! π