GRC Specialist
Position Overview:
We are looking for an experienced GRC Specialist with strong expertise in IT Governance, Risk Management, Compliance, and Cybersecurity. The role involves conducting IT audits, implementing compliance frameworks, managing risk assessments, and supporting security operations across IT solutions developed and deployed by Coventus.
Required Skills
- Strong knowledge of ITGC, SOC, ISO/IEC 27001, and internal audit practices.
- Hands-on experience in risk management, data security, and compliance frameworks.
- Familiarity with cloud platforms (Microsoft Azure, AWS) and security governance.
- Proficiency in GRC tools (AuditBoard, HyperProof) and project management tools (JIRA, Confluence).
- Excellent analytical, problem-solving, and stakeholder communication skills.
Preferred Qualifications
- 3 to 7 years of experience in GRC, IT Audit, and Cybersecurity.
- Exposure to SOC, incident response, and regulatory compliance.
- Certifications such as CISA, CISSP, ISO 27001 Lead Auditor (preferred).
Key Responsibilities
- Perform SOC/ISO compliance audits and other internal IT audits to evaluate IT general controls.
- Develop and implement risk frameworks aligned with standards such as SOC 2, ISO 27001, and HIPAA.
- Conduct risk assessments and vulnerability analysis, and ensure compliance with industry regulations.
- Lead disaster recovery planning, business continuity exercises, and compliance readiness.
- Collaborate with cross-functional teams to ensure cloud security governance (Azure, AWS).
- Manage security program governance, policy development, and regulatory reporting.
- Support SOC operations, threat detection, and automated response initiatives.
- Drive operational excellence through automation and process optimization.