Security Risk and Compliance Management Specialist III

Summary

The job involves leading the security policy management and SAT functions within GRC end-to-end for a large enterprise. The role requires strong understanding of the Archer GRC Tool, excellent communication skills, and at least 5-8 years of practical information security experience. The position is a permanent remote job based in Mexico.

Requirements

• Strong understanding of Archer GRC Tool. Development is not a must but navigation is
• Strong communication skills, ability to navigate across departments and network with various employees across the department to solve issues, host trainings, run meetings and workshops etc
• Supports the maturity of Governance function. Develops documentation related to GRC Platform
• Minimum of 5-8 years of practical information security experience in developing and maintaining secure architectures for large enterprises is preferred

Responsibilities

• Run policy workshops to triage policy intake requests for modification and/or creation of new policies, control standards, and procedures
• Facilitate the annual policy attestation cycle where owners must sign off or modify their control statements using Archer GRC tool
• Support all issues related to policy management
• Serve as POC for everything Policy Mgmt. within GRC and for partnering areas
• Lead the Security Awareness Training (SAT) function within GRC end-to-end
• Provide security onboarding for all new recruits and annual security refresher training
• Lead for National Cyber Security Awareness Month, including creation of the schedule of events and executing the plan
• Lead for hosting phishing programs and campaigns to increase employee vigilance

Preferred Qualifications

Familiarity with common SAT platforms such as ProofPoint, KnowBe4, OneTrust, Archer etc