- Vendor Security Assessments. Solid hands-on experience doing end-to-end vendor security risk assessments/reviews (full life cycle) – at least 2 years of experience needed.
- Client/Customer Security Questionnaires. Experience responding to Client/Customer Security Questionnaires regarding the security posture of the company.
- Security Risk. Experience with security risk management, inherent risk, residual risk, risk matrix, risk statements, risk register.
- Technical Understanding of Security Controls. Very good technical understanding of security controls – especially in relation to ISO 27001 – including but not limited to web application penetration testing, web application firewall, SOC 2 Type II, security certifications. The ability to speak clearly about security controls to the business in simple terms.
- Communication. Excellent oral and written communication skills with internal staff at all levels and senior stakeholders.
- Respond to client security questionnaires, RFPs/RFIs, and audit requests.
- Perform third-party security vendor diligence, liaise with business stakeholders to perform assessments and identify risk, and monitor activities of existing vendors.
- Respond to and maintain the GRC service queue (ServiceNow) for tickets escalated to the team.
- Any experience with the OneTrust GRC tool or similar would be useful.
- Bachelor's degree – whether in Information Security, Computer Science or related areas.
- Industry-recognized certification in security such as CISSP, CISA, CISM, CRISC, ISO
GRC specialist - United Kingdom - Morgan Philips Group
Description
GRC specialist (Governance, Risk, Compliance)
I am working with a professional services client based in Central London who is looking for a GRC specialist to join their global governance, risk and compliance team. This is a fast-paced environment where you will be exposed to different environments and gain further experience within this field.
Experience
Education
This is a permanent role based in Central London. The role offers hybrid working, which includes attending the office on a weekly basis as well as some remote working. The salary on offer is £70,000 - £85,000, dependent on experience. The client will only consider those who have the right to work in the UK and will not provide any sponsorship.