We believe that we make a difference every day. To do that, we need committed and engaged employees. Our people are accountable for delivering world-class service and they are passionate about making the world a safer and more secure place. Our teams operate with integrity and respect for one another fueled by an entrepreneurial spirit.What we look forAn effective communicator, you are a confident team player with a genuine passion to make things happen in a dynamic organization. If you're ready to take on a wide range of responsibilities and are committed to seeking out new ways to make a difference, this role is for you.Job purposeReporting to the Process Security Risk Team Lead, you will be responsible for developing and executing a comprehensive control framework focused on ensuring that security is maintained throughout business processes. This role involves identifying operational risks, assessing control environments, and providing recommendations to mitigate risks.Main ResponsibilitiesMaintain and develop our control framework focused on securing business processes that allow effective monitoring, management, and mitigation aligned with business objectives associated with the operations of our organization and our technology.Identify potential risks within processes and implement risk mitigation strategies and controls.Support the development of standards, procedures, policies, and improve our positioning through process improvement, policy automation, and the continuous evolution of capabilities and our control framework.Develop comprehensive audit plans outlining the scope, objectives, and methodology for assessing operational risks.Document and report control failures and gaps to stakeholders.Provide remediation guidance and sometimes drive projects to ensure deployment of mitigation actions or process improvements and prepare management reports to track remediation activities.Required QualificationsMinimum qualificationsBachelor's degree in Information Systems, Information/Cyber Security, Finance, Economics, Law, or other relevant studies.A pragmatic approach developed through hard-won experience working in GRC departments and direct experience supporting processes to:Define, create, and execute a control framework. It is key to have experience in documenting security procedures, policies, and standards.Perform assessments and conduct compliance and maturity assessments using international standards and best practices from various industries.Ensure that all risks and non-conformities are actively managed, monitored, documented, and mitigated if possible.Support the analysis of the root causes of operational exceptions as well as assist in the development and completion of risk mitigation.Define and track KPIs/KRIs and generate reporting adapted for different levels and stakeholders.Perform controls audits and execute remediation plans not only internally but also for third parties and partners, and support the completion of business unit-specific risk/control self-assessments.Work experience in a professional environment preferred, including:Demonstrated planning and problem-solving skills.Thorough understanding of market structures, including relevant regulatory compliance requirements (SOC 2, GDPR, etc.).Demonstrated experience working on activities related to process improvements.Demonstrated experience translating functional requirements to small activities.Experience organizing and carrying out risk assessment and compliance projects.Ability to successfully support audits (external and internal), compile evidence, and organize audit responses.Fluent written and verbal communication skills in English.Travel availability.Preferred qualifications / Personal CharacteristicsRelevant security certification like CIA, CISA, CRISC, ISO 27001.Proficient with MS Office, project management, and at least one GRC tool (recommended).Familiarity with auditing, monitoring, controlling, and process assessment frameworks.
#J-18808-Ljbffr
