Job Description
Skills:
- Managing all aspects of risk and compliance of Information Security disciplines while interacting with mid-level officials of similar capacity at the user agency and private sector.
- Excellent leadership and communication, both written and oral.
- The GRC Lead should possess knowledge of Cybersecurity Incidents.
- Systems Thinking: Understanding the intricate relationships between various components of an organization's IT infrastructure and business processes.
- Technical Proficiency: Staying abreast of emerging trends such as cloud computing, AI, IoT, and cybersecurity.
- Policy Development: Creating and maintaining IT governance policies that align with business goals.
- Compliance Management: Ensuring that the organization adheres to relevant laws, regulations, and standards.
- Risk Assessment: Identifying, analyzing, and mitigating risks associated with IT systems and processes.
- Strategic Planning: Analyzing business goals and identifying how technology can support and enable those goals.
- Excellent interpersonal skills Technical Skills.
Experience Required:
- The candidate must have a minimum of 7 years of industry experience.
- Over 3 years of experience managing a Governance, Risk, and Compliance program to achieve full compliance with defined IT Controls and Security programs and implementing IT procedures focused on efficiency, effectiveness, and risk avoidance.
- Over 3 years' experience in internal audit and the corporate security teams to assess, remediate, and prevent information technology risks.
- Over 3 years' experience in management and reporting of risk and security metrics.
- Over 3 years of experience in the development of IT Strategies and roadmaps to achieve greater security compliance.
- Over 3 years' experience in providing oversight and project management of various internal and external audits, PCI, HIPAA, and CJIS compliance and risk/ control assessment engagements, and regular penetration testing.
- Over 3 years' experience in business process reengineering; cost-benefit analysis; financial management; planning and evaluating.
- Over 3 years' experience in project management, quality assurance, requirements analysis, and risk management.
- Over 3 years' experience in information resources strategy and planning.
- Over 3 years' experience in knowledge of information technology architecture, information technology performance assessment, and infrastructure design.
- Over 3 years' experience in systems integration, systems life cycle, and technology awareness.
- Over 3 years of experience in IT Security Governance Risk and Compliance. Supporting Enterprise Multi-Tenant Environment.
- Over 2 years' experience in security expertise in NIST 800-53 and ISO 270001/2 controls, PCI, HIPAA, and CJIS compliance and helps CSB to create best practice frameworks, policy creation, and business impact analysis.
- Over 2 years' experience in designing and implementing a program's efficient IT policies and procedures.
- Over 2 years' experience in responding, containing, remediating, and reporting on the infrastructure connecting to Public Cloud Providers, such as AWS, Azure, and/or GCP.
Education Required:
- This classification requires possession of a bachelor's degree in an IT-related or Engineering field. Additional qualifying experience may be substituted for the required education on a year-for-year basis.
Trinus Corporation, a leading provider of technology solutions and services with over 25 years of experience, is a certified WBE/MBE/SBE/SDB firm accredited by WBENC, NMSDC, and SBA.
Our mission is to shape the future of work by aligning the right mix of people, process, technology, and innovation to efficiently meet our clients' business objectives.
At Trinus, we understand that finding the right opportunity is pivotal in your career journey. Our staffing services go beyond mere placements; they are about matching your skills and aspirations with the perfect fit.
To learn more about us, please visit our website trinus.com
Job Tags