NO SPONSORSHIP

Security GRC Specialist II

Salary: $120k to $140k Flex plus Bonus

Misc. Info: Hybrid 3 days onsite 2 days remote

Selling Point: Must have great soft skills, be able to articulate and have good documentation skills. Enterprise GRC lots of 3rd party along with internal ISO NIST SOC SIG

The Security GRC Specialist II serves on the Governance, Risk Compliance (GRC) team, leads and executes assigned services within the GRC team. Specialist II is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department.

Third-party vendor management: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements.

Qualifications & Requirements

Bachelor's degree or five (5) years of work experience in IT Security is required.

Four (4) years of Information Security experience required.

Strong knowledge ISO 27001, NIST, SOC, SIG is required.

Prior IT Security experience in the legal industry experience is preferred.

Technical writing experience is required.

Strong knowledge of risk management principles and practices are required.

Strong knowledge of security administration and role-based security controls are required.

Three or more years of experience managing timelines and being self-directed preferred.

Governance, Risk, and Compliance (GRC) tool management