We are seeking an experienced Security professional to strengthen our Governance, Risk & Compliance (GRC) program across IT Security and Risk Management, AI Risk Management and development of AI-related documentation, and Cloud Security domains.
This individual contributor role will support the development, maintenance, and review of security policies, standards, procedures, and other governance documentation; support certification and audit readiness; conduct security control assessments; and help drive consistent governance practices across technology and business environments.
The role will work closely with cross-functional teams globally to support enterprise security initiatives and ensure alignment with recognized frameworks and standards.
Senior Specialist – Governance, Risk & Compliance (Security)
We are seeking an experienced Security professional to strengthen our Governance, Risk & Compliance (GRC) program across IT Security and Risk Management, AI Risk Management and development of AI-related documentation, and Cloud Security domains.
This individual contributor role will support the development, maintenance, and review of security policies, standards, procedures, and other governance documentation; support certification and audit readiness; conduct security control assessments; and help drive consistent governance practices across technology and business environments.
The role will work closely with cross-functional teams globally to support enterprise security initiatives and ensure alignment with recognized frameworks and standards.
Support IT Security and Risk Management activities, including control testing, evidence collection, and remediation tracking.
Develop, maintain, and review security policies, standards, procedures, and control documentation to support regulatory, contractual, and organizational security requirements.
Conduct risk assessments across IT, Cyber, Cloud, and AI environments, ensuring timely mitigation of identified risks.
Contribute to AI Risk Management and AI management system activities, including risk and control assessments related to Generative AI, LLMs, and automated systems, as well as supporting associated governance documentation and framework alignment.
Support Cloud Security Governance, ensuring configurations and controls meet internal standards and client expectations.
Coordinate with global teams to support ISO 27001, ISO 42001, and related security and compliance programs.
Assist in internal and client audits, preparing responses, audit evidence, and corrective action documentation.
Maintain GRC dashboards, reports, and risk metrics to communicate control effectiveness and compliance posture.
- Complete all assigned, mandatory training within the timeframe provided
- Conduct and/or participate in regularly scheduled 1:1 meetings with direct manager and/or direct reports
10+ years of experience in IT Security, Cyber Risk, or GRC roles.
Hands-on experience with IT and Cloud Risk Management programs.
Strong understanding of security controls, risk management principles, and cloud security (AWS, Azure, GCP).
Working knowledge of AI governance and emerging regulatory frameworks (e.g., ISO 42001, EU AI Act).
Familiarity with ISO 27001, NIST CSF, and related security frameworks.
Excellent analytical, documentation, and communication skills.
Preferred Certifications: CISA, CISSP, CISM, CRISC, ISO 27001, ISO 42001