Type
Full time
Related skills
Jira, threat modeling, FedRAMP, GRC, risk assessment
Description
- Lead end-to-end risk assessments across infra, cloud, and apps.
- Drive methodology to integrate risk matrix into the risk framework.
- Govern global regulatory compliance (DORA, FedRAMP) and oversee SCRM.
- Own risk scoring using breach history and weighted impact to derive risk ratings.
- Manage risk acceptance in Jira and maintain Risk Management Dashboard.
- Conduct annual enterprise risk assessments and ad-hoc reviews as changes occur.
Requirements
- 10+ years in Information Security, Governance, Risk & Compliance (GRC).
- Hands-on enterprise risk assessments end-to-end (scoping, threat modeling, control evaluation, executive reporting).
- Evaluate control effectiveness using technical evidence (configs, logs, architecture diagrams).
- Threat modeling using STRIDE and MITRE ATT&CK.
- Deep knowledge of risk methodologies (NIST SP 800-30) and frameworks (NIST CSF, NIST 800-53, ISO 27001, SOC 2, SIG Core/Lite, CAIQ).
- Regulatory knowledge: DORA, NIS2, FedRAMP Rev 5, GDPR, PCI-DSS; ability to translate flaws into business risk.
Benefits
- Equal opportunity employer.
- Accommodations for disabilities in application/interview process.
- Competitive salary and benefits package.