About the job :

Cloud Peritus is looking to hire a GRC Specialist - Governance,Risk and Compliance Analyst!

Responsibilities :

1) Lead comprehensive security assessments, including risk assessments, vulnerability assessments, and penetration tests to identify and mitigate security risks.

2) Implement controls that are required to stay compliant with DPAs signed with our Clients and ensure the documentation and necessary training and handle incidents as per controls in these agreements.

3) Develop and implement information security policies, standards, and procedures in accordance with industry best practices and regulatory requirements.

4) Collaborate with IT and our practitioners to ensure the effective implementation of security controls across enterprise systems.

5) Conduct security training and awareness programs to educate employees on security best practices and emerging threats.

6) Act as a subject matter expert on security incidents, leading investigations and coordinating response efforts.

7) Stay abreast of the latest security trends, threats, and technologies to proactively recommend improvements to our security architecture.

Experience :

1) 5+ years of experience in information security or related fields with a strong focus on risk management and compliance.

2) Deep knowledge of regulatory compliance requirements (e.g., OCPA, CCPA and the GLBA)

3) Deep knowledge of security frameworks such as NIST, ISO 27001, or CIS Controls.

4) Experience with security tools and technologies, including SIEM, IDS/IPS, and endpoint protection solutions.

5) Proven ability to communicate complex security concepts to both technical and non-technical stakeholders.

6) Relevant industry certifications such as CISSP, CISM, or CEH.