* 12+ years of experience in IT risk management, audit, and compliance
* Strong understanding of ISO 27K controls, annexures, and implementation strategies.
* IT security assessment processes, including audit, vulnerability scanning, and security policy and standards review, emphasizing managing IT security policies and standards.
* ISO 27001 and NIST 800-53 experience to help in third-party security risk assessment efforts.
* Possess the verbal and written communication skills to work effectively with technical and non-technical personnel at various levels in the organization; ability to use standard English grammar and punctuation.
* A strong sense of customer service and attention to detail.
* Ability to work independently, setting goals and priorities.
* ISO 27001 LA/LI certification
* Bachelor's Degree in related discipline (Computer Science, Information Security)

Technical Details

* Review of Supplier technical documentation
* Demonstrated skill in establishing and maintaining cooperative working relationships.
* Performing assessment on vendor documentation, review and analysis.
* Identifying and measuring the risk associated with vendor security controls.
* Documenting and keeping track of risks and recommendations based on the vendor's lack of control
* Co-ordinating and performing vendor reviews.
* Knowledge of Cloud-based technologies such as IaaS and SaaS solutions, emphasizing information security control and data protection requirements
* Comprehension of the risks that exist in a business and security environment comprised of multiple global geographies and suppliers.
* Minimum two years recent experience performing information systems audit or information security reviews
* Experience performing security audits against published standards.
Salary Range: $110,000-$140,000 a year