Lead Manager, Security Governance, Risk & Compliance

🕒 il y a 1 mois

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

Make-A-Wish America

Site WebLinkedInTous les Emplois

1001 - 5000 employés

Fondée en 1980

🤲 Charité

🤝 À but non lucratif

Charity • Non-profit

Make-A-Wish France est une organisation à but non lucratif qui réalise les vœux qui changent la vie des enfants atteints de maladies graves, apportant espoir, force et joie aux patients et à leurs familles. L'organisation collecte des fonds et coordonne des bénévoles ainsi que des partenaires d'entreprise à travers une fondation nationale et des chapitres locaux à travers les États-Unis pour organiser des vœux personnalisés et soutenir les familles impactées.

Description

• Assist in the development, implementation, and maintenance of GRC frameworks and managing third-party risk. • Contribute to the assessment and mitigation of organizational risks. • Maintain internal policies, standards and security baselines, oriented toward compliance and regulatory standards - as well as, enforcement of secure practices. • Manage risk acceptance and policy exception processes, ingesting risks and creating tracking, reporting and accountability mechanisms. • Participate in audits of security controls and processes. • Assist with the creation and maintenance of documentation related to GRC activities, TPRM, Business Continuity Planning (BCP), Business Impact Analysis (BIA) and Disaster Recovery. • Assist in the identification of control gaps. • Contribute to the development of remediation plans. • Conduct due diligence on potential third-party vendors to evaluate their security posture, financial stability, and compliance with relevant regulations. • Assist in monitoring compliance activities. • Collaborate with various departments to integrate TPRM into vendor management processes. • Perform vendor and product risk assessments, to align vendors and products with applicable standards, policies and security baselines. • Create and maintain vendor questionnaire and Data Protection Agreements (DPA). • Vendor Responsibility Agreement, covering performance standards, security obligations, adherence to the Change Management process, training, communications, and documentation. • Assist Legal with vendor reviews and responses. • Conduct audits of third-party security controls, processes and vendor performance compliance and address and risks that arise. • Aid in the development of risk training and awareness programs. • Maintain GRC monitoring applications. • Performs other related job duties, as assigned.

🎯 Exigences

• Bachelor’s degree in Computer Science or related technology field or equivalent experience required. • 5+ years of total experience with 2+ years of hands-on experience designing, building, and supporting enterprise GRC and TPRM solutions. • Understanding of GRC concepts and frameworks (e.g., ISO 27001, NIST, Cybersecurity Framework (CSF), SOC, GDPR) • Experience: IT Compliance, IT Audit, IT Security, Cloud Security, PCI, HITRUST, HIPPA, GRC, Risk management, Risk analysis • Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint). • Relevant and Current Certifications Preferred: e.g., Certified in Governance, Risk and Compliance (CGRC), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), GRC Professional (GRCP), etc. • Knowledge and experience with OneTrust Tools is preferred.

🏖️ Avantages

• Comprehensive benefit package, effective day 1: Medical, Vision*, Dental*, Wellness • Competitive compensation with annual incentive potential • Health Savings Account and Flexible Spending Account Options • Health Reimbursement Account fully funded by Make-A-Wish America • Short Term Disability*, Long Term Disability* and Life Insurance • Additional Insurance Plans: Accident, Critical Illness, Hospital Indemnity, Pet Insurance through Figo • 401(k) Retirement Savings Plan with 5% match after one year of service • Eligibility for student loan forgiveness through the Public Service Loan Forgiveness Program • The organization will send a laptop, 24” monitor, and a docking station/adaptor to new hires