Senior Security Specialist – GRC/CRISC

  • Date Posted: Jan 6, 2026
  • Location: Toronto, ON
  • Job Type: Contract
  • Job ID: 19051

Looking for an opportunity to leverage your expertise in cybersecurity, audit, and risk management? Apply Now!

Working with one of our top financial clients, this role calls for a Senior Security Specialist – GRC/CRISC. The position involves critical oversight of IT governance, security controls, and compliance initiatives, supporting both project delivery and day-to-day operations. You will be integral to maintaining and enhancing the organization’s risk mitigation strategies, with the chance to work on cutting-edge technology solutions, including AI, while collaborating with a talented team of security professionals.

Responsibilities

  • Lead and execute assessments of audit and regulatory finding remediations to ensure effective mitigation of risks within technology infrastructure and applications.
  • Provide expert advice to technology teams on IT audit standards, governance controls, and risk frameworks, facilitating compliance and continuous improvement.
  • Develop and improve governance, oversight, and control practices related to risk identification, control design, and operational effectiveness.
  • Monitor emerging trends and industry standards, offering strategic insights and raising awareness on relevant risks and opportunities.
  • Drive continuous improvement initiatives by applying agile and lean methodologies, incorporating innovative tools such as AI, ML, and data analytics solutions.
  • Collaborate closely with stakeholders across multiple teams, ensuring alignment of risk management objectives and remediation plans.
  • Evaluate and oversee the implementation of remediation activities concerning regulatory, audit, and compliance findings.

Desired Skill-Set

  • Minimum of 10 years’ experience in IT audit, governance, risk management, and controls within a regulated environment.
  • Strong expertise in IT governance standards such as NIST, COBIT, and ITIL.
  • Proven experience with IT security controls, regulatory remediations, and risk frameworks.
  • Deep knowledge of AI, machine learning, and data analytics applications and their integration into security and risk management processes.
  • Excellent verbal and written communication skills, with the ability to explain complex concepts clearly to technical and non-technical audiences.
  • Strong organizational skills and the ability to manage multiple priorities simultaneously.
  • Experience in project management and change management methodologies, including Agile frameworks like Scrum, Kanban, or Extreme Programming.
  • Certification in CRISC, CISA, or CISSP (preferred).

Nice to Have

  • Six Sigma certification.
  • Experience with tools such as RSA Archer, JIRA, Confluence, SharePoint, and MS Office Suite.
  • Prior experience working as a contractor or employee within a financial or regulated industry environment.
  • Knowledge of AI/ML trends, frameworks, and tools guiding innovative solutions in security and governance.

BeachHead is an equal opportunity agency and employer. We advocate for you and welcome anyone regardless of race, color, religion, national origin, sex, physical or mental disability, or age.
