Implement and drive activities related to technology risk reduction, governance, and compliance with policies and external regulatory compliance.
Evaluate IT risks and develop risk mitigation strategies and corrective actions.
Provide recommendations to improve organizational security posture through process improvement, policy automation, and continuous evolution of capabilities.
Document and report on security gaps and provide remediation guidance, prepare management reports, and track remediation activities.
Conduct risk and exception assessments by assessing multiple inputs from internal/external sources
Conduct due diligence assessments on third-party vendors using supply chain risk management practices.
Implement effective processes within the GRC function to automate and continuously monitor information security controls, exceptions, risk reporting metrics, dashboards, and evidence artifacts.
Interviewing various stakeholders across the organization to determine security controls implementation and effectiveness by collecting and analyzing evidence documenting findings and tracking to closure.
Skills
Bachelor's degree in Business Administration, Finance, Risk Management, or a related field.
Strong understanding of governance, risk management, and compliance principles.
Excellent analytical and problem-solving skills with attention to detail.
Proficient in Microsoft Office Suite (Excel, Word, PowerPoint) and data analysis tools.
Effective communication skills, both written and verbal, to convey complex information.
Ability to work collaboratively in a team-oriented environment and manage multiple tasks simultaneously.
Prior experience in management consulting or a relevant internship is preferred but not required.
