GRC Lead IT Risk Management & Compliance

Macpower Digital Assets Edge Private Limited

Cupertino, CA

JOB DETAILS
SALARY
$67–$67 Per Hour
SKILLS
Analysis Skills, Auditing, Business Analysis, Cloud Computing, Communication Skills, Computer Science, Computer Security, Customer Support/Service, Detail Oriented, Establish Priorities, ISO (International Organization for Standardization), Information Technology/Systems Audit, Information/Data Security (InfoSec), Infrastructure as a Service (IaaS), Internet Security, Maintain Compliance, Problem Solving Skills, Risk Analysis, Risk Management, Security Analysis, Security Auditing, Set Goals, Software as a Service (SaaS), Technical Leadership, Technical Writing, U.S. National Institute of Standards and Technology (NIST), Vendor/Supplier Selection, Vulnerability Scanners
LOCATION
Cupertino, CA
POSTED
13 days ago
Job Overview: We are looking for an experienced GRC Lead with 8+ years of expertise in IT Risk Management, Audit, and Compliance. The ideal candidate should have a strong understanding of ISO 27001, NIST 800-53, vendor security assessments, and cloud security controls.
Key Responsibilities:
  • Lead IT Risk Management, Audit, and Compliance efforts.
  • Implement ISO 27K annex controls and strategies.
  • Conduct IT security assessments, including audits, vulnerability scanning, and policy reviews.
  • Perform third-party security risk assessments based on ISO 27001 and NIST 800-53.
  • Review supplier technical documentation and vendor security controls.
  • Identify and measure risks associated with vendor security.
  • Document and track risks and recommendations for vendor security gaps.
  • Coordinate and perform vendor security reviews.
  • Ensure compliance with cloud-based technologies (IaaS, SaaS) and data protection requirements.
  • Assess business and security risks across multiple global geographies and suppliers.
  • Perform security audits against published standards.
  • Maintain strong customer service and attention to detail.
  • Work independently, setting goals and priorities.
Must-Have Skills:
  • 7+ years of experience in Cyber Security, GRC, and Data Security.
  • Strong expertise in ISO 27001 and NIST 800-53 for third-party security risk assessments.
  • Experience in identifying and measuring vendor security risks.
  • Deep understanding of ISO 27K annex controls and implementation strategies.
  • Strong background in IT Risk Management, Audit, and Compliance.
  • Excellent communication skills to work with technical and non-technical teams.
Preferred Qualifications:
  • ISO 27001 LA/LI certification.
  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • Minimum two years of recent experience in information systems audit or security reviews.
  • Strong problem-solving and analytical skills.
