Job Description
We are seeking a skilled and experienced GRC Specialist to join our team. The ideal candidate will have a strong background in Governance, Risk, and Compliance (GRC) and will help us develop, implement, and maintain our compliance and security programs. This role will be crucial in ensuring our organization’s adherence to regulatory standards, particularly in SOC 2 Type II, ISO 27001:2022, PCI DSS, and data privacy regulations.
Key Responsibilities:
- Develop, implement, and manage information security policies, procedures, and controls in alignment with SOC 2 Type II and ISO 27001:2022 requirements.
- Conduct regular audits and assessments to ensure compliance with relevant regulations, including SOC 2 Type II and ISO 27001 standards.
- Collaborate with cross-functional teams to implement and maintain an effective GRC framework.
- Conduct risk assessments and gap analyses to identify areas for improvement in data security and compliance.
- Lead and support efforts for ISO 27001:2022 certification processes, including preparation, documentation, and coordination of internal and external audits.
- Stay updated on changes in data privacy regulations, PCI DSS standards, and other relevant regulatory requirements.
- Provide training and guidance to employees on GRC best practices, policies, and compliance requirements.
