PURPOSE OF THE POSITION:
The Manager, IT Security GRC role is part of the Information Security team, and will support risk identification and remediation. Candidates will be responsible for identifying and documenting potential risks, coordinating and tracking remediation activities with the system and/or business owners, and facilitating audit requests as required.
(Top 5 should cover 80% of the important job functions)
- Develops techniques and procedures for conducting IS and cyber security risk assessments and compliance audits.
- Evaluate and develop information systems (IS) and cyber security policies and processes
- Review and assess risk posture for vendor's and third parties that interact with the compute environment
- Aid in supporting various security capabilities
(Other important duties/responsibilities)
- Participate in the Enterprise Architecture intake process to ensure that programs are assessed for risk and proper controls
Preferred: Bachelor's Degree or equivalent work experience
Required Minimum -- 7+ years information technology experience with at least 5 year in an information security or IT audit role
REQUIRED KNOWLEDGE, SKILLS or ABILITIES:
Problem Solving/Decision Making skills, Organizing and Planning, Customer Orientation, Computer Skills, Learning Agility, Oral Communication, Written Communication, Results Orientation, Team Player.
PREFERRED KNOWLEDGE, SKILLS, OR ABILITIES:
Payment Card Industry (PCI) DSS experience. Familiarity with vulnerability
Scanning technologies and processes.
DECISION MAKING AUTHORITY:
Review technologies, solutions, and vendors. Directs vendor development activities. Faciliates programs that will be recommended to franchise communict. Influence cross functional project teams within the Inspire Brands portfolio.
Yes. IT security risk analyst will report directly to this role.