The senior consultant will be part of the Information
Security GRC team which plays a vital role in shaping and strengthening
governance, risk management, compliance (GRC), and information security
processes. His main duties are as follows:
•Evaluate
and refine the current GRC and information security frameworks, focusing on
operational efficiency, elimination of redundancies, and clear definition of
roles and responsibilities.
•Conduct in-depth analysis of the existing
information security framework, pinpointing performance gaps and devising
strategic initiatives for process enhancement and/or development.
•Identify
GRC and information security processes amenable to automation, select
appropriate technologies, and craft integration strategies to bolster
operational efficiency.
•Facilitate
comprehensive workshops with stakeholders to assess the current effectiveness,
efficiency, and security of information security processes, utilizing their
feedback to drive improvements.
•Realign
the Information Security department’s mission and vision with the broader
organizational security goals, setting specific, measurable objectives and KPIs
for continuous performance evaluation.
Develop
a structured implementation roadmap for prioritized initiatives, ensuring
optimal impact and resource allocation.
Requirements•Bachelor’s degree in Computer Science,
Engineering, Information Security or related field
•4+ years of experience in GRC and Business Process Management;
experience in Information Security is a plus.
•Demonstrated ability to conduct and
facilitate workshops, actively engaging participants ranging from operational
staff to executive leadership, with the goal of soliciting constructive
feedback and fostering process enhancements.
•Established history in the design and
optimization of processes within a corporate setting.
•Robust project management capabilities,
underscored by a history of developing and implementing detailed project
timelines and action plans.
•Proficient in both oral and written
communication, adept at explaining intricate technical and risk-related
subjects to diverse groups.
•Practical experience utilizing Power
Automate for process automation and workflow improvement.