Grc Consultant Jobs

One of our clients is looking for GRC Consultant to work hybrid in Jakarta.

Responsibilities

• Develop and direct compliance control monitoring programs to ensure compliance-related risks are managed to the appropriate level of acceptable residual risk.
• Identify the associated compliance control gaps and oversee the documentation, implementation, and testing of the entire compliance control portfolio.
• Remediate all compliance control deficiencies.
• Perform Digital Risk Assessments by analyzing and assessing the current and future threat landscape, providing the leadership team, with a realistic overview of risks and threats from an overall controls perspective
• Create a digital compliance risk assessment framework and periodically assess all the compliance risks and control measures in place
• Create a Digital Risk & compliance training and awareness program that periodically educates the requisite end-user community on the relevant Risk& compliance requirements, and certifies their adherence to the relevant compliance controls
• Identify and resolve any issue of non-compliance, with a related standard or framework
• Implement and maintain compliance issue management tracking and resolution process that will address known issues, according to the severity and potential impact to the organization.
• Determine and maintain an inventory of all Digital Policies, Quality standards, and technology compliance requirements.
• Conduct necessary compliance control monitoring and testing activities to determine the effectiveness of the controls.
• Work with the Internal Change Control process team to ensure that compliance control, security requirements, and Quality standardare met before deployment to production
• Coordinate audit-related tasks such as ensuring the readiness of Digital organizations for audit testing and facilitating the timely resolution of any audit findings.

Qualifications

• Knowledgeable about NIST, CIS guidelines, various other IT Security regulations & baseline controls
• Experience in information technology security is a strong requirement, and a person should have experience in at least one or more technology at some time.
• Bachelor's degree in law or any related disciplines
• Certification in SAP GRC
• Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration
• 3- 5 years experience in IT Governance, Risk & Compliance