Related skills
information security, GDPR, ISO 27001, CCPA, GRC
Description
- Analyze access privileges and controls to identify risks.
- Conduct risk assessments to identify threats and vulnerabilities.
- Evaluate security controls, policies, and procedures for gaps.
- Lead third-party risk assessments and maintain vendor risk register.
- Ensure regulatory compliance (SOC 2, ISO 27001, PCI DSS) and maintain evidence.
- Develop and enforce information security policies; perform audits and address non-compliance.
Requirements
- 3+ years in a GRC or information security role.
- Experience with GRC and Third Party Risk Management tools.
- Bachelor's degree in Information Security, CS, or related field (or equivalent).
- Certification in CISA or CISSP.
- Strong understanding of access governance principles, frameworks, and best practices.
- Knowledge of risk management frameworks (NIST RMF, FAIR).
Benefits
- Opportunity for equity ownership.
- Private health insurance option.
- Employee Resource Groups.
- Fun company outings and events.
- Generous PTO Allowance.
- 5% Pension contribution.