Governance Risk And Compliance Lead
Country : USA
State : North Carolina
County : Guilford County
Town : Greensboro
Category : Consulting - Audit
Contract type : Permanent
Availability : Full time
- Provide monitoring oversight and guidance for the resolution of accuracy/quality issues within the Access control environments for critical applications and operating systems.
- Provide continuous improvement of existing access control platforms by making recommendations for the implementation of additional controls, process improvements and organizational standards.
- Provide strong analytical analysis skills and remediation support by providing management oversight and work direction to access analyst team members.
- Establish Provisioning standards, processes and work direction for the operational team(s) involved in the provisioning of access for applications.
- Establish key operational performance metrics, monitoring and reporting for authentication, authorization and accounting (AAA) functions within the operational space.
- Define formal IAM standards and procedures consistent with the corporate security policy, legal, Compliance and regulatory requirements, and industry best practices.
- Function as a liaison between operations, compliance, provisioning and architectural teams ensuring the alignment of IT operational standards and implementation of standards to Operations leadership.
- Develop deep understanding of VF operational processes and standards driving improvements and efficiencies where possible.
- Experience with ITIL principals in operations environment.
- Support documentation of key operational functions and processes maintaining those artifacts.
- Contribute to the development and refinement of security and privacy policies, procedures, controls, and reporting with special emphasis on access control standards.
- Experienced with the implementation and management of access control standards in cloud and SAAS applications.
- Participate and contribute (e.g., through meetings, calls) during non-core working hours in support of global teams
- Serve as subject matter expert to internal business and IT partners
- Subject-matter expertise across all IAM topics as it relates to both cloud and on-premises enterprise technology, and the relationship between the architectures.
- Develop effective architecture solutions that not only satisfy immediate project requirements but also deliver a coherent, reusable, reliable and phased architecture to help the business grow and change while aligning to strategic vision.Become the Newest Member of the VF Family
Governance Risk and Compliance (GRC) Lead is responsible for implementing, managing and monitoring security operations functions within the VF environment with special emphasis on controlling access and implementing and monitoring access standards. Position functions as a liaison role within the security and operations space to manage and report on attainment of access controls standards. Works directly with organizations architecture, security, compliance and operations team members to direct and manage access controls for high risk applications.
Additional focus areas for this role include providing architectural and controls guidance during the acquisition of or implementation of new applications, tools or systems in the area of access controls and compliance with organizational standards surrounding the compliance of these applications.
Educational/ Position Requirements:
- Certifications such as CISSP, CISA, CISM, CGEIT, CRISC, GIAC, GSEC or GISP or similar/equivalent certifications are a plus.
- Combined work experience and/or educational experience totaling 6 years. Bachelor's Degree in business, finance or information technology preferred.
- 3-5 years of experience successfully leading operational technology improvements, including access control, access management, provisioning, and/or Privileged Access Management.
- Demonstrated ability to communication (oral and written) to various levels of an enterprise environment.
- Proven management & delivery of IT governance, compliance and/or quality improvement projects
- Understanding of cloud computing services/continuous delivery deployment architecture is desirable (AWS, MS Azure)
- Experience performing technical assessments & audits of application security and working with auditors (internal & external)
- Experience with industry tools (i.e. Excel, Word, MS Project, Visio, ServiceNow, SharePoint, Microsoft)Special Physical and/or Mental Requirements:
- Travel by air and overnight, as required 20% amount of time.
- Lifting and/or bending, lifting 10 lbs. of weight.