Description
POSITION OVERVIEW
This Information Security GRC Expert – Associate Manager contributes to Morae success by
implementing, and maintaining people, process and technology-oriented policies, procedures, and
controls to ensure ongoing security and compliance of Morae’s innovative technology solutions and information assets.
As a part of highly skilled Information Security team the role will focus on all areas of information
security governance, risk, and compliance for both our corporate IT environment as well as our
innovative client technology solutions serving some of the world’s largest corporations.
The role will concentrate on maintaining both technology and procedural aspects of our ISO27001 and SOC 2 Type II Regimes, Client Security Compliance, Third Party Risk Management, and Staff Security Awareness efforts. In addition, the role will contribute to defining and developing both process and toolsets for Data Classification, Data Loss Prevention, Data Privacy and Data Segregation in our environments.
Working closely with Director of Information Security, global security operations and wider technology teams GRC Associate Manager will contribute to development and review of Global Information Security Strategy, IT Risk Registers and support the work of Risk Management Committee. The GRC Associate Manager will be coaching and developing junior members of Information Security GRC team. We are looking strong Information Security expert ready to develop both their technical and GRC skillset to step up their career onto strategic management level.
KEY RESPONSIBILITIES:
• Contribute to maintenance and development of information security systems, policies and
procedures through implementation and maintenance of policies and identification of gaps
or non-compliance.
• Assist with the development, implementation, and improvement of the Morae Global
technical security processes.
• Ensuring Morae Global policies, applicable standards, customer requirements and best
practices are being followed.
• Supporting the delivery of information security projects and initiatives.
• Represent Morae Global in a professional and productive way while delivering the best in
service to our clients and during interactions with both clients and suppliers.
• Supporting the wider information security and technology team on providing a responsive
and pragmatic approach to day-to-day security issues and broader strategic initiatives
• Ensure security documents are controlled, reviewed, and updated in line with various
contractual and regulatory requirements.
• Develop and lead global information security awareness activities.
• Deliver related security communication across the organisation as required.
• Capturing evidence to support audit and compliance requirements.
• Provide support in responding to client security requests and client assurance assessments
and audits.
• Refine and maintain security dashboards and reports to support the production of security
metrics and quarterly security reporting.
• Initiate continuous improvement ideas and suggestions to increase efficiencies.
• Actively participate in wider, internal, and external information security initiatives.
SKILLS/EXPERIENCE:
• Bachelor’s degree and 5+ years of experience of working with security, privacy and legal in a
regulated environment.
• Manage relationships with senior stakeholders in support of technology.
• Demonstrable experience of implementing ISO27001 and SOC 2 Type II Security compliance
frameworks.
• Demonstrable experience and knowledge of Data Governance, Data Classification, Data Loss
Prevention technical and process implementations.
• Experience in Data Privacy Regulatory Compliance implementations – GDPR, POPI, DPDP.
• Excellent English language written and verbal communication skills.
• Ability to write clear and concise policy documentation.
• Strong communication and presentation skills.
• Collaboration and conflict management skills.
• Experience in legal sector, eDiscovery and Document Management architecture would be
advantageous.
• Understanding of IT systems and security tools, including methods, procedures, equipment,
and software used for delivery.
• Planning, and strategic management skills.
Why Morae?
Morae’s approach to employee development is unique in the marketplace. At Morae employees are
given opportunities to progress at their own pace and to influence the course of their professional
growth. This includes having the opportunity to earn a client facing role or even an oversight role
within their first year!
About Morae:
Morae is a dynamic, high-growth organization that provides an integrated suite of solutions to
corporate law departments and law firms, and partners with leading software and services
providers, both within and outside the legal industry. We are a young company but are made up of
seasoned professionals in the legal industry, with a focus on building productive long-term
relationships with employees and clients in an environment where collaboration is encouraged,
knowledge is shared freely, and diversity of thought, cultures, communities, and points of view is
embraced. Our team has the vision to create an effective solution for any business problem and the
experience to execute that vision. Learn more at moraeglobal.com. Our privacy policy can be found
here https://www.moraeglobal.com/privacy-policy