Job Description
At arenaflex, we're on a mission to revolutionize the way we approach cybersecurity and risk management. As a leading innovator in the industry, we're seeking an experienced and skilled Full Stack Cybersecurity Risk Management
Professional to. If you're passionate about staying ahead of the curve and making a real impact, we want to hear from you. About arenaflex arenaflex is a cutting-edge technology company that's pushing the boundaries of what's possible in the world of cybersecurity and risk management.
Our team of experts is dedicated to developing innovative solutions that help our clients stay one step ahead of the threats. With a strong focus on collaboration, creativity, and continuous learning, we're building a culture that's as dynamic as it is supportive. Job Summary We're looking for a highly skilled and experienced Full Stack Cybersecurity Risk Management
Professional to. As a key member of our Cybersecurity and Risk Management department, you'll be responsible for guiding GRC-related activities and ensuring the smooth execution of various tasks within the team.
You'll work closely with our Manager (Governance, Threat, and Compliance) to develop and implement cybersecurity risk management strategies that align with arenaflex's threat appetite. Key Responsibilities * Assist the arenaflex team in managing the internal safety compliance requirements and implementation of regulations, tactics, and frameworks at bolthires Star. * Validate incoming Third-Party/Internal Risk Assessment requests, working with business stakeholders to confirm the details of the request and the scope of the engagement.
* Coordinate the distribution of due diligence questionnaires to internal stakeholders/Third-Party, review submitted questionnaires for completeness, and identify risks arising from the current design and operational effectiveness of the internal/Third-Party's security controls. * File responses, associated findings, and remediation plans in the arenaflex systems. * Draft/review reviews for the checks performed and ensure respective business stakeholders finalize critiques. * Act as a strong liaison to ensure any queries are responded to concerning the risk control technique and evaluation to the business or Third-Party as required.
* Conduct continuous tracking of the Third-Party via arenaflex systems for current/new findings and report any findings to closure. * Identify opportunities for improvement within the arenaflex systems and strategies. * Work intensely with Chance Lead/Supervisor to time-table and execute a range of different assisting activities related to the risk management program. Governance, Threat, and Compliance * Lead and assist the improvement of cybersecurity risk and compliance-related strategies to ensure treatment of cybersecurity risk consistent with the agency's threat appetite.
* Maintain and document compliance towards information security-related guidelines and processes through planning, checking out, remediating, tracking, and reporting on manipulate critiques and threat checks. * Lead development and shipping of compliance and risk education and ongoing communications that assist power tradition of protection and compliance. * Retaining abreast of regulatory changes, new guidelines, technology, and internal policy modifications to further pick out new key risk regions.
* Lead the team to preserve and guide ISO 27001 popular. Competencies & Attributes for Fulfillment * Understanding and competencies in cybersecurity risk management, governance, and compliance. * Outstanding stakeholder management. * Working understanding of information security-related quality practices and requirements consisting of ISO 2700x, SOC 2 requirements, SSAE 16/18 requirements, and many others. * Experience in the control of risk, controls, and compliance. * Expertise of risk evaluation methodologies – qualitative/quantitative.
* Super analytical and problem-solving abilities. * Super presentation making and delivery abilities. Personal Attributes * Robust interpersonal abilities. * Ability to navigate rapid-paced surroundings and be bendy with working hours. * Fantastic communication abilities, both verbal and written. * Adapt speedily to converting conditions and power high-quality change. Preferred Training & Experience * Applicable Bachelor's/Grasp's diploma from an accepted university or equivalent experience. * 4 years of enjoy throughout Third-Party risk control, records security, and audit & compliance tracking (minimum of 2-Three years in TPRM/Internal Audit).
* Preferred revel in with a massive company and/or large four accounting company. * One or greater credentials - CISA, CRISC, ISO27001 L./LI, CISSP. * Experience in AI/ML is a plus. What We Offer * Competitive salary of $80,000 per year. * Opportunity to work with a leading innovator in the industry. * Collaborative and dynamic work environment. * Continuous learning and professional development opportunities. * Flexible working hours and remote work options. * Comprehensive benefits package, including health insurance, retirement plan, and paid time off.
If you're passionate about cybersecurity and risk management, and you're looking for a challenging and rewarding role, we want to hear from you. Please apply including your resume and a cover letter, to. We can't wait to hear from you!