GRC Lead – IT Risk Management & Compliance

Macpower Digital Assets Edge LLC

Cupertino, CA

JOB DETAILS
JOB TYPE
Full-time
SKILLS
Auditing, Business Analysis, Cloud Computing, Communication Skills, Computer Science, Computer Security, Customer Support/Service, Detail Oriented, Establish Priorities, ISO (International Organization for Standardization), Information Technology/Systems Audit, Information/Data Security (InfoSec), Infrastructure as a Service (IaaS), Maintain Compliance, Requirements Management, Risk Analysis, Risk Management, Security Analysis, Security Auditing, Set Goals, Software as a Service (SaaS), Technical Leadership, Technical Writing, U.S. National Institute of Standards and Technology (NIST), Vendor/Supplier Evaluation, Vendor/Supplier Selection, Vulnerability Scanners
LOCATION
Cupertino, CA
POSTED
30+ days ago
Job Overview: We are looking for an experienced GRC Lead with 8+ years of expertise in IT Risk Management, Audit, and Compliance. The ideal candidate should have a strong understanding of ISO 27001, NIST 800-53, vendor security assessments, and cloud security controls.

Key Responsibilities:
- Lead IT Risk Management, Audit, and Compliance efforts.
- Implement ISO 27K controls annexures and strategies.
- Conduct IT security assessments, including audits, vulnerability scanning, and policy reviews.
- Perform third-party security risk assessments based on ISO 27001 and NIST 800-53.
- Review supplier technical documentation and vendor security controls.
- Identify and measure risks associated with vendor security.
- Document and track risks and recommendations for vendor security gaps.
- Coordinate and perform vendor security reviews.
- Ensure compliance with cloud-based technologies (IaaS, SaaS) and data protection requirements.
- Assess business and security risks across multiple global geographies and suppliers.
- Perform security audits against published standards.
- Maintain strong customer service and attention to detail.
- Work independently, setting goals and priorities.

Must-Have Skills:
- 7+ years of experience in Cyber Security, GRC, and Data Security.
- Strong expertise in ISO 27001 and NIST 800-53 for third-party security risk assessments.
- Experience in identifying and measuring vendor security risks.
- Deep understanding of ISO 27K controls annexures and implementation strategies.
- Strong background in IT Risk Management, Audit, and Compliance.
- Excellent communication skills to work with technical and non-technical teams.

Preferred Qualifications:
- ISO 27001 LA/LI certification.
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum two years of recent experience in information systems audit or security reviews.
- Strong problem-solving and analytical skills.

About the Company

Macpower Digital Assets Edge LLC