GRC Lead IRC284899

Description

GlobalLogic, a Hitachi Group company, is a trusted partner in design, data, and digital engineering for the world’s largest and most innovative companies. Since our inception in 2000, we have been at the forefront of the digital revolution, helping to create some of the most widely used digital products and experiences. Our purpose is to positively impact society and the planet through cutting-edge technology. Together with our clients, we are engineering impact through intelligent products, platforms, and services that are designed for desirability, engineered for excellence, and curated for intelligence.

Requirements

• Extensive understanding and ability of tracing products and operational risks to business risk
• Ability to supplement all areas of GRC as schedule(s) dictate
• Ability to quickly change from one task to another
• Experience in at least one of the following security frameworks: NIST, ISO 27001, CMMC 2.0, COBIT, Cyber Essentials, etc.
• A security or compliance certification such as CISSP, CRISC, CISA, CISM, CCP, CCA, ISO 27001 Auditor, etc.
• Ability to effectively discuss security frameworks in detail in how compliance works to shape a business and/or business unit
• Ability to take non-specific technical controls and data and relate them to technical implementations
• Experience working in Change Control Boards (CCBs) or other oversight groups
• Experience auditing businesses, business units, or teams for compliance to a security framework
• Experience in regulations such as GDPR, HIPAA, FISMA, etc.
• Experience in technical roles such as security operations, boundary defense, vulnerability management

Job responsibilities

• Communicate with groups from C-Level Executives to operations and development
• Willingness to speak truth on security compliance regardless of audience; the role must be willing to express deficiencies when deficiencies exist
• Lead and support various risk management teams and boards across such as change control board(s) (CCB), vulnerability anagement, operational risk boards, business risk boards
• Will be an authority in identifying mitigations to risk including technical and operational
• Will prepare steps and efforts to mitigate and burn down risk across all levels of the business
  Work in GRC tools such as Vanta to track risk
• Will own and delegate risk ownership where appropriate
• Understand compliance frameworks and how they interrelate in terms of controls
• Decompose security practices and controls into actionable requirements
• Define, write, and formally document policies, standards, procedures, guidelines, and baselines
• Test policies, standards, procedures, guidelines, and baselines for compliance to security frameworks
• Determine non-compliance and/or deficiencies between control expectations and current implementation including ability to provide guidance to fully meet intention of the security control
• Analyze schedule and budgets to determine if tasks are achievable
• Understands risk management including business risk management, operational risk management, and development risk management
  Problem solver; a desire to see problems as challenges to be resolved
• Continue to learn and improve skills through both provided training and self-training

What we offer

Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. 

Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally.

Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today.

Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way!

High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.

About GlobalLogic

GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.