Experienced Full Stack GRC Professional – Cyber Protection and Compliance Specialist (Remote, Part/Full Time) at arenaflex

🌍 Remote, USA 🎯 Full-time 🕐 Posted Recently

Job Description

Introduction to arenaflex

arenaflex is a leading organization in the industry, known for its commitment to innovation, customer satisfaction, and employee growth. As a company, we strive to create a work environment that is inclusive, diverse, and empowering, allowing our employees to reach their full potential. Our mission is to provide top-notch services and products that exceed our customers' expectations, while maintaining the highest standards of quality, security, and compliance. If you are a motivated and experienced GRC professional looking for a new challenge, we invite you to apply as a Cyber Protection and Compliance Specialist.

About the Role

We are seeking an experienced GRC professional to guide GRC-related activities and ensure the smooth execution of various tasks within our team. As a Cyber Protection and Compliance Specialist, you will be responsible for assisting in the management of our internal security compliance requirements, implementation of regulations, tactics, and frameworks, and maintaining the highest standards of cybersecurity. This is a remote, part-time or full-time position, offering a competitive salary of $80,000 per year.

Key Responsibilities

Third-party/inner risk management (TPRM) software management

- Assist in the global third-party/internal risk method for conducting cyber risk-related due diligence exams
- Validate incoming third-party/internal risk assessment requests and operate with business stakeholders to confirm the details of the request and the scope of the engagement
- Conduct kick-off sessions with business stakeholders and related third-parties for conducting the TPA
- Coordinate the distribution of due diligence questionnaires to internal stakeholders/third-party, review submitted questionnaires for completeness, and identify risks arising from the current design and operational effectiveness of the internal/third-party's security controls
- File responses, associated findings, and remediation plans in our systems
- Draft/review reports for the checks performed and ensure respective business stakeholders finalize reviews
- Act as a strong liaison to ensure any queries are responded to concerning the risk control technique and evaluation to the business or third-parties as required
- Carry out continuous monitoring of third-parties via our systems for current/new findings and track any findings to closure
- Identify opportunities for improvement within our systems and strategies
- Work closely with the risk lead/supervisor to schedule and execute a range of different supporting activities related to the risk management program

Governance, Risk, and Compliance

In this role, you will also be responsible for leading and supporting the development of cybersecurity risk and compliance-related strategies to ensure the treatment of cybersecurity risk consistent with the organization's risk appetite. You will maintain and document compliance towards information security associated guidelines and processes through planning, testing, remediating, monitoring, and reporting on control reviews and risk assessments.

Key Activities

- Lead the development and shipping of compliance and risk education and ongoing communications that support a culture of security and compliance
- Stay abreast of regulatory changes, new guidelines, technology, and internal policy modifications to further identify new key risk areas
- Lead the activities to maintain and guide ISO 27001 certification

Competencies and Attributes for Success

To be successful in this role, you will need to possess the following competencies and attributes:

- Outstanding stakeholder management skills
- Working understanding of information security related high-quality practices and requirements, including ISO 2700x, SOC 2 requirements, SSAE 16/18 requirements, and others
- Experience in the management of risk, controls, and compliance
- Expertise in risk evaluation methodologies – qualitative/quantitative
- Super analytical and problem-solving abilities
- Super presentation making and delivery abilities
- Strong interpersonal abilities
- Ability to navigate rapid-paced environments and be flexible with working hours
- Fantastic communication abilities, both verbal and written
- Adapt quickly to changing conditions and drive high-quality change

Preferred Education and Experience

We are looking for candidates with the following education and experience:

- Relevant Bachelor's/Master's degree from an accredited university or equivalent experience
- 4 years of experience in third-party risk management, records security, and audit & compliance tracking (minimum of 2-3 years in TPRM/internal audit)
- Preferred experience with a large company and/or large four accounting company
- One or more credentials - CISA, CRISC, ISO27001 L./LI, CISSP
- Experience in AI/ML is a plus

Career Growth Opportunities and Learning Benefits

At arenaflex, we are committed to the growth and development of our employees. As a Cyber Protection and Compliance Specialist, you will have access to a range of training and development opportunities, including:

- Professional certifications and training programs
- Mentorship and coaching from experienced professionals
- Opportunities for career advancement and promotion
- A culture of continuous learning and improvement

Work Environment and Company Culture

Our work environment is dynamic, inclusive, and empowering, with a strong focus on teamwork, collaboration, and communication. We believe in fostering a culture of trust, respect, and open communication, where employees feel valued, supported, and empowered to contribute their best work. As a remote worker, you will be part of a virtual team, with regular virtual meetings, collaboration tools, and opportunities for social interaction.

Compensation, Perks, and Benefits

We offer a competitive salary of $80,000 per year, as well as a range of perks and benefits, including:

- Comprehensive health insurance
- Retirement savings plan
- Paid time off and holidays
- Professional development opportunities
- Flexible working hours and remote work arrangements

Conclusion

If you are a motivated and experienced GRC professional looking for a new challenge, we invite you to apply as a Cyber Protection and Compliance Specialist. With a competitive salary, comprehensive benefits, and opportunities for career growth and development, this is an exciting opportunity to contribute to the success of arenaflex and advance your career in a dynamic and supportive environment. Apply to take the first step towards an exciting and rewarding career with arenaflex!
