Description
Job Title: Infosec or GRC Leader
Location: San Francisco, CA ( Remote position)
Duration: 6+ Months (Contract)
Work Time zone: PST Hours
Responsibilities:
• Support implementing and managing Information -Security Management Systems in accordance with ISO27001 standards.
• Support Risk Management program and co-ordinate Risk assessment activities
• Enhance existing Common Controls to align with business & customer needs and align with Information security policy and Standards.
• Coordinate ISMS roll-out efforts to individual business units in scope and support ISO27001 certification effort.
• Manage compliance and sustaining efforts to maintain Common controls implemented at individual business units.
• Support Supply Chain and Third-Party Vendor Risk management program activities
• Help prepare Security Assurance materials for internal and external audiences, including maintaining our Security responses to customer questionnaires.
• Prepare regular metrics related to Trust office programs, including ISMS, for management updates.
• Assist with evidence gathering for audits, update centralized GRC tool with audit performance, and perform related compliance activity.
• Assist in POC and enhancement of GRC tool supporting Trust office objectives.
• Perform Ad-hoc activities required to support the Trust office.
• Support ad-hoc meetings /updates in the early morning IST and PST Time Zone.
Skill Set:
• 8-10 Years experience in Information Security, Compliance, Risk Management
• Expertise in Information Security implementation for ISO 27001 and other relevant standards such as SOX (US role)-NIST 800- 53, CMMC
• Preferred Certifications: CISSP, ISO 27001 Lead Auditor or Implementer