GRC (Governance, Risk, Compliance) Officer at Cybereason
Cybereason gives organizations the upper hand by taking an entirely new approach to cybersecurity with AI Hunting, the first AI-powered technology that answers the question “Am I under attack?” proactively, without manual effort.
We are a company that wins as one. We are daring, always evolving, and never give up. Most importantly, we accept our employees for who they are and embrace people who may not fit the typical mold #UBU.
We are looking for a GRC specialist to join our Security team. You will perform internal audits and work with external auditors. You will represent our security posture in front of customers in RFPs and due diligence calls.
What You'll Do:
- Perform internal security audits and reviews, measuring the company's security posture and effectiveness of controls
- Evaluate the security posture of various third-party vendors and tools
- Work on RFP and Audit responses as needed
- Work with the security team on risk remediation programs
- Create and maintain security policies and procedures
- Prepare the company for external security audits and manage the external audits from the company side
What We're Looking For:
- 5+ years of experience in a security auditing position
- Familiarity with common security standards, specifically ISO 27001, SOC 2, GDPR
- Experience in ISMS methodologies and best-practice security policies
- Excellent written English capabilities
- Organized and process-oriented
- Federal (FedRAMP) experience - Advantage
- Professional certification (CISSP, CISA, Lead Auditor) - Advantage