GRC Risk Management Specialist

November 6

Stride, Inc.

education • curriculum development • virtual school • online education • online school

5001 - 10000

Description

• Conduct risk assessments and ensure compliance with major regulatory initiatives.
• Implement and manage cybersecurity and information security programs based on industry-standard frameworks like NIST CSF and ISO/IEC 27000.
• Maintain comprehensive knowledge and understanding of information security risk management and IT controls frameworks and methodologies such as ISO/IEC 27005, COBIT, and OCTAVE.
• Provide subject matter expertise in Risk Management Principles (risk avoidance, transfer, mitigation, acceptance) and risk assessment process.
• Provide support for security governance activities, including managing communication about security policies, standards, and control frameworks.
• Identify, assess, track, and report on security risks across the enterprise.
• Track risk decisions and remediation plans and communicate risks to both technical and non-technical audiences.
• Develop reporting for management by analyzing IT security controls and risk exposure.
• Identify IT security risks to the business, work with the security team on client security reviews, and drive the development of remediation plans for both when appropriate.
• Facilitate internal and third-party information security risk assessments and work closely with functional groups or departments to prioritize and remediate findings.
• Drive effective collaboration across all lines of business and provide relevant awareness training to control owners.
• Drive continuous quality improvement.

Requirements

• Bachelor’s degree in Computer Science, Information Systems, Information Security & Assurance, Information Technology, Information Security Risk Management or related field required AND Seven (5) years of experience in IT Security, IT Governance, Risk, & Compliance
• Equivalent combination of education and experience, including prior relevant military service experience.
• Demonstrable understanding of security controls and risk assessment tools.
• Demonstrable understanding of information security and the relationship between threat, vulnerability, and information value in the context of risk management.
• Demonstrable understanding of risk-based decision-making.
• Demonstrable understanding of leading-edge governance-enabling technologies.
• Demonstrate experience with risk assessments and compliance with major regulatory initiatives (e.g. SOX, PCI-DSS, HIPAA, FedRAMP).
• Demonstrate experience with cyber security and information security program management and frameworks (e.g., NIST CSF, ISO/IEC 27000, etc.).
• Ability to develop relationships across functions and inspire trust and confidence through effective communication and interpersonal skills.
• Experience managing cybersecurity controls based on a thorough understanding of industry standards and regulations to protect the company from external and internal threats.
• Excellent communication and presentation skills (verbal and written).
• Project management planning and organization skills.
• Ability to identify, document, and communicate information security issues to business and information owners.
• Ability to maintain the confidentiality of sensitive information.
• Microsoft Office (Outlook, Word, Excel, PowerPoint, Project, Visio, etc.); Web proficiency.
• Ability to clear required background checks.

Benefits

• Eligible employees may receive a bonus.
• Stride offers a robust benefits package for eligible employees that can include health benefits, retirement contributions, and paid time off.
