Your personal job search agent

Find a job



    show more options

IT Risk and Governance Technical Lead GRC - Richmond, VA

Company: Request Technology - Craig Johnson
Pay: $125000.00 - 140000.00 Annually, Bonus
Job type: full-time
Category: Information Technology and Services

Apply now
(no registration required)

Upload your resume
see similar jobs you may like
find connections at this company

Job description

Prestigious Enterprise Company is currently seeking a IT Risk and Governance Technical Lead with ISO 27K experience. Candidate engages with multiple risk, compliance, business area management, technology owners and external stakeholders. The position will provide timely and quality service to ensure that financial, regulatory, and compliance risks are adequately identified, communicated, and tracked for remediation. This position is also responsible for managing Information security policies and standards life cycle including compliance measurement, training, communications and strategic planning.


* Lead IS Governance and Risk's continuous process improvement projects such Application Security risk assessment and Self-assessment process against IS standards.
* Support requirements gathering and design efforts of critical projects as needed
* Perform security risk assessments (SRA) according to the Company SRA framework and IS standards for both custom developed and third-party applications within the Company Infrastructure.
* Assist in identifying application control deficiencies and the associated risks.
* Document identified IS risks to incorporate relevance and impact to Company systems, infrastructure and business process
* Communicate effectively orally and in writing and express conclusions and recommendations in a clear, technically sound manner, understand and communicate how vulnerabilities can be exploited within technology and the Company environment in a manner that resonates with the business areas
* Provide remediation recommendations and/or recommend alternate solutions to resolve gaps against IS Standards.
* Develop and maintain relationships with internal and external customers to formulate information security risk solutions for Company
* Provide security consulting and advisory services to business units and project teams.
* Develop action plans and/or recommend alternate solutions to resolve exceptions to standard operating procedures.
* Develop and maintain process, risk methodologies and SOP documentation for all IS GRC related functions
* Researches and maintains knowledge base regarding Industry frameworks, best practices, information security issues, solutions and potential implications for Company.


* 10 years of hands-on technology risk, security and/or governance experience.
* Bachelor degree in Information Systems or related field or an equivalent combination of education and experience.
* CISSP, CISA, CISM or equivalent designation.
* Solid understanding of information security policies, standards, industry best practices, and frameworks. (ISO 27K, NIST 800 series, COBIT, etc.)
* Solid understanding of network security, OSI model, and information security architecture, previous work as a security engineer is a plus
* Demonstrated knowledge in penetration testing tools and techniques.
* Experience managing and developing baseline security configurations and experience with common industry guidelines (CIS, STIGs, etc.)
* Expertise in IT process improvement methodologies (lean, six sigma, agile etc.)
* Secondary mortgage market or equivalent financial services experience.

Preferred Skills:

* Demonstrated written and communication skills.
* Demonstrated organizational skills with respect to time management and work production
* Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
* Experience using Risk Management (GRC) tools such as Archer, Agiliance is a plus
* Expert in using MS Office Suite, particularly in PowerPoint and Excel
* Experience with project management and/or program management. (SDLC, Agile, etc.)

More jobs you may like

Governance Risk Compliance (GRC) Information Security Senior
Information Security Governance Risk and Compliance Lead
Senior Common Securitization Platform (CSP) Specialist, Change Managem
Senior Java Interface Developer
Change Management Operations Analyst

New account

Log in

Current country: :: Contact us :: Terms of use :: Privacy policy :: Credits :: Benji Jobs international: Jobs in the US :: Jobs in the UK :: Jobs in Canada

Jobs in Argentina
Jobs in Australia
Jobs in Austria
Jobs in Bahrain
Jobs in Belgium
Jobs in Brazil
Jobs in Canada
Jobs in Chile
Jobs in China
Jobs in Colombia
Jobs in Czech Republic
Jobs in Denmark
Jobs in Finland
Jobs in France
Jobs in Germany
Jobs in Greece
Jobs in Honk Kong
Jobs in Hungary
Jobs in India
Jobs in Indonesia
Jobs in Ireland
Jobs in Israel
Jobs in Italy
Jobs in Japan
Jobs in Korea
Jobs in Kuwait
Jobs in Luxembourg
Jobs in Malaysia
Jobs in Mexico
Jobs in Netherlands
Jobs in New Zealand
Jobs in Norway
Jobs in Oman
Jobs in Pakistan
Jobs in Peru
Jobs in Philippines
Jobs in Poland
Jobs in Portugal
Jobs in Quatar
Jobs in Romania
Jobs in Russia
Jobs in Saudi Arabia
Jobs in Singapore
Jobs in South Africa
Jobs in Spain
Jobs in Sweden
Jobs in Switzerland
Jobs in Taiwan
Jobs in Turkey
Jobs in the United Arab Emirates
Jobs in the United Kingdom
Jobs in the United Stated
Jobs in Venezuela