Jobs · Information Technology · California

GRC Lead – IT Risk Management & Compliance

MDAEdge · Cupertino, CA · 1 mo ago
On-siteInformation TechnologyFull-time

Key Responsibilities

  • Lead IT Risk Management, Audit, and Compliance efforts.
  • Implement ISO 27K controls annexures and strategies.
  • Conduct IT security assessments, including audits, vulnerability scanning, and policy reviews.
  • Perform third-party security risk assessments based on ISO 27001 and NIST 800-53.
  • Review supplier technical documentation and vendor security controls.
  • Identify and measure risks associated with vendor security.
  • Document and track risks and recommendations for vendor security gaps.
  • Cook up vendor security reviews.
  • Ensure compliance with cloud-based technologies (IaaS, SaaS) and data protection requirements.
  • Assess business and security risks across multiple global geographies and suppliers.
  • Perform security audits against published standards.
  • Maintain strong customer service and attention to detail.
  • Work independently, setting goals and priorities.

Must-Have Skills

  • 7+ years of experience in Cyber Security, GRC, and Data Security.
  • Strong expertise in ISO 27001 and NIST 800-53 for third-party security risk assessments.
  • Experience in identifying and measuring vendor security risks.
  • Deep understanding of ISO 27K controls annexures and implementation strategies.
  • Strong background in IT Risk Management, Audit, and Compliance.
  • Excellent communication skills to work with technical and non-technical teams.

Similar jobs

Security GRC Lead

SalesforceHerndon, VA· 2 days ago
$149k–$224k/yrapply on salesforce.wd12.myworkdayjobs.com

GRC Lead

Brain Co.San Francisco Bay Area· 1 wk ago
Management$375/hrapply on jobs.ashbyhq.com

IT GRC Lead Analyst

Westfield InsuranceWestfield Center, OH· 2 wk ago
Information Technology$10/hrapply on fa-exdv-saasfaprod1.fa.ocs.oraclecloud.com