Job Description
Join arenaflex as a highly skilled GRC professional to contribute to the company's mission of protecting its digital assets and ensuring compliance with industry regulations. As a Cyber Protection and Compliance Specialist, you will play a critical role in guiding GRC-related activities and ensuring the smooth execution of various tasks within the team. About arenaflex arenaflex is a leading organization in the field of cybersecurity, dedicated to protecting its clients' digital assets and ensuring compliance with industry regulations.
With a team of experienced cybersecurity professionals, arenaflex is committed to staying at the forefront of the latest technologies and innovations in the field. Our team works tirelessly to ensure that our clients' data is secure and that their businesses are protected from the ever-evolving threats of the digital world. Job Summary We are seeking an experienced GRC professional to as a Cyber Protection and Compliance Specialist. In this role, you will be responsible for guiding GRC-related activities and ensuring the smooth execution of various tasks within the team.
You will work closely with our Manager (Governance, Threat, and Compliance) to develop and implement cybersecurity strategies that align with arenaflex's business objectives. Key Responsibilities * Assist in the management of arenaflex's Third-Party Risk Management (TPRM) software and ensure compliance with industry regulations. * Validate incoming third-party risk assessment requests and work with business stakeholders to confirm the details of the request and the scope of the engagement. * Coordinate the distribution of due diligence questionnaires to internal stakeholders and third-party vendors, review submitted questionnaires for completeness, and identify potential risks arising from the current design and operational effectiveness of internal/third-party security controls.
* File responses, associated findings, and remediation plans in arenaflex's systems. * Draft and review reviews for the checks performed and ensure that respective business stakeholders finalize critiques. * Serve as a strong liaison to ensure that any queries are responded to concerning the risk control technique and evaluation to the business or third parties as required. * Conduct continuous tracking of third-party vendors via arenaflex's systems for current/new findings and ensure that any findings are brought to closure.
* Identify opportunities for improvement within arenaflex's systems and strategies. * Work intensely with the Chance Lead/Supervisor to time-table and execute a range of different supporting activities related to the risk management program. Governance, Threat, and Compliance * Lead and assist in the development of cybersecurity risk and compliance-related strategies to ensure the treatment of cybersecurity risk consistent with the agency's threat appetite. * Maintain and document compliance towards information security-related guidelines and processes through planning, checking out, remediating, tracking, and reporting on manipulate critiques and threat checks.
* Lead the development and shipping of compliance and risk education and ongoing communications that assist power tradition of protection and compliance. * Retaining abreast of regulatory changes, new guidelines, technology, and internal policy modifications to further pick out new key risk areas. * Lead the team to preserve and guide ISO 27001 certification. Competencies & Attributes for Fulfillment * Understanding and competencies in GRC, cybersecurity, and risk management. * Outstanding stakeholder management.
* Working understanding of information security-related best practices and requirements including ISO 27001, SOC 2 requirements, SSAE 16/18 requirements, and others. * Experience in the control of risk, controls, and compliance. * Expertise of risk evaluation methodologies – qualitative/quantitative. * Super analytical and problem-solving abilities. * Super presentation making and delivery abilities. Personal Attributes * Robust interpersonal abilities. * Ability to navigate rapid-paced surroundings and be bendy with working hours.
* Fantastic communication abilities, both verbal and written. * Adapt speedily to converting conditions and power high-quality change. Preferred Training & Experience * Applicable Bachelor's/Grasp's diploma from an accepted university or equivalent experience. * 4 years of enjoy throughout third-party risk control, records security, and audit & compliance tracking (minimum of 2-Three years in TPRM/Internal Audit). * Preferred revel in with a massive company and/or large four accounting company. * One or greater credentials - CISA, CRISC, ISO27001 L./LI, CISSP.
* Experience in AI/ML is a plus. About arenaflex
Careers At arenaflex, we value our employees and strive to create a work environment that is both challenging and rewarding. We believe in investing in our employees' growth and development, and we offer a range of benefits and opportunities for professional advancement. Why Join arenaflex? * Competitive salary and benefits package. * Opportunities for professional growth and development. * Collaborative and dynamic work environment. * Flexible working hours and remote work options.
* Access to the latest technologies and innovations in the field of cybersecurity. If you are a motivated and experienced GRC professional looking for a new challenge, please including your resume and a cover letter, to. We look forward to hearing from you! Equal Opportunities Employer arenaflex is an equal opportunities employer and welcomes applications from all qualified candidates. We are committed to creating a diverse and inclusive work environment and encourage applications from underrepresented groups.
Contact Information For more information about this role or to, please contact us at. We look forward to hearing from you!