Jobs via Dice
Governance, Risk, & Compliance Specialist
Jobs via Dice, San Diego, California, United States, 92189
San Diego, CA
Pay range: $99,000.00-$110,000.00. The range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Responsibilities
Develop and support information security governance policies, standards, and processes in collaboration with business and technical teams, and align them with business goals.
Prepare and deliver information security training, education, and awareness activities appropriate for target audiences.
Evaluate effectiveness of information security controls and recommend remediation or control re-design guidance where necessary.
Fine-tune and drive adoption of an information security risk assessment framework and related processes; maintain information security risk registers and perform annual assessments.
Maintain knowledge of FTC Safeguards, PCI DSS, ISO 27001, and NIST CSF and ensure organizational compliance.
Partner with business leaders to gain a deeper understanding of their needs and provide solutions that meet their goals and objectives while aligning with security best practices and policy.
Maintain working knowledge of data privacy laws and regulations.
Perform other duties, as assigned.
Requirements
Bachelor's: Computer Science, Information Systems, Information Technology, Software Engineering.
3+ years of experience.
Proficiency in using GRC tools and software to streamline and automate risk and compliance processes (i.e., AuditBoard).
Skilled in audit management and experience liaising with third-party auditors.
Able to work in a complex, global environment, actively and effectively managing relationships with other business units and stakeholders.
Skilled in communicating technical requirements with non-technical stakeholders.
Excellent oral and written communication skills.
Excellent problem-solving and analytical skills.
Strong time management skills, including effective responsibility prioritization.
Strong analytical and problem-solving skills to identify and assess security risks and develop appropriate mitigation strategies.
Familiarity with relevant industry regulations and compliance requirements such as GDPR, PCI-DSS, CCPA, SOX, etc.
Familiarity with various cybersecurity frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS Controls, etc.
Experience in technical information security roles a plus.
Strong understanding of cybersecurity principles, best practices, and industry standards.
In-depth knowledge of governance, risk management, and compliance principles and practices.
Ability to develop and implement risk assessment methodologies and compliance programs.
Ability to successfully influence stakeholders in support of shared goals.
Seniority Level
Mid-Senior level
Employment Type
Full-time
Job Function
Finance and Sales
Industries
Software Development
Equal Opportunity/Affirmative Action Employer
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.