GRC Security Specialist

Role Overview:

The GRC/IRM Security Specialist role is a customer facing domain expert, that drives innovative business solutions with our customers, by applying technical and business skills. The role takes a consultative approach with our customers and prospects to discover and map business outcome-driven solutions. The role also may require demonstration and prototyping of GRC/IRM platform capabilities, and in select cases identify the specific requirements needed to develop innovative application prototypes.

The role will deliver the Security Tools Design & Implementation for GRC/IRM security engagements. Candidate must have the ability to work within a team but also work independently, managing projects, tasks, and deliverables with minimal supervision. Responsibilities include creation and execution of the GRC/IRM Security Technologies solution and the transference of knowledge to internal client resources.

Scope of duties:

a. Actively participate in the engagements conducting following tasks: participate and lead meetings with engineers and experts on clients side in the GRC/IRM area, develop & implementing solutions and prepare technical documentation required to fulfil projects objectives

b. Being an expert for the project teams consisting of security engineers

c. Developing of High and Low-Level Designs, Logical Diagrams and other technical documents

d. Design, Implement and Test the latest GRC/IRM Cybersecurity tools & solutions the GRC/IRM

e. Testing security solutions, Proof of Concept, Working in the Lab

f. Support for business development activities, including new solutions development, proposal writing, and direct support for presentation (technical demos) to potential clients.

Responsibilities & Duties. As a Cybersecurity specialist you will undertake the following functions:

• Architecture, Design and Implementation experience with GRC/IRM platforms such as RSA Archer, ServiceNow GRC, Drata, OneTrust etc.
• Providing advice and guidance in the areas of Security, Risk, Governance, Compliance, and Integrated Risk Management
• Defining and deploying 'to be' best practice GRC/IRM processes and in identifying solutions from a people, process and technology perspective
• Ability to assess vendor security within Compliance and Risk applications.
• Ability to leverage ServiceNow GRC tools to track, monitor, report, and remediate findings.
• Can work independently and collaboratively with customers and delivery teams on implementations and remote services.
• Governance, Risk, and Compliance Fundamentals certification
• Knowledge of Cyber Security tools (such as EDR / EPP, SIEM / SOAR, Firewalls, IDS / IPS, Secure Remote Access, Switching & Routing etc.) we are open for many technology stacks.
• A passion for advising and guiding customers on how to get the most out of the product and for learning the latest product features.
• Utilizes strong communication, presentation, and writing skills
• Willingness to develop and learn of new skills in cybersecurity field
• Basic Knowledge of the security concepts especially network architecture, segmentation, defense in depth is a plus
• Possession of certificates/trainings or education related to cybersecurity / Information technology / Automation engineering is a plus,
• Good knowledge of spoken and written English
• Technical higher education in the field of industrial automation, computer science, electronics or relevant

Requirement Qualifications: Qualified candidates would need to have the following qualifications:

• Strong understanding of Security and/or GRC/IRM technologies
• Big4/6 Experience
• Knowledge of Risk Management, Governance, Compliance, Audit, Information Security and Technical Privacy
• Experience in security frameworks like NIST 800-61, NIST 800-53, NIST 800-37, ISO27001, etc.
• Cyber Security and/or GRC Industry Certifications (ISC2, CRISC,)
• Experience in Security Engineering and/or Information Technology with a security focus to include demonstrated experience leading enterprise technology projects or initiatives.
• General comprehension of cloud and emergent technologies such as: Public Cloud, Containerization, Security Data Lakes, ML/LLMs, GenAI, etc
• Excellent communication skills (Verbal and Written).
• Working knowledge of Microsoft Word, PowerPoint, Excel
• Passion for Cybersecurity

What We Offer:

• Access to GRC/IRM Lab and to the latest tools and solutions
• Skills development in the GRC/IRM & Cybersecurity domain

Support in acquiring qualifications and certificates