GRC Expert - Governance Risk Compliance (with Cyber Security knowhow)
Posted on Apr 16, 2021 by Swisstech Recruitment
Responsibilities and tasks
- Create a Security Design for a project that covers Confidentiality, Integrity & Availability aspects, incl. IAM, security aspects of interfaces and, e.g., monitoring. Most projects will involve a business application, but you may also occasionally face a more technical infrastructure project.
- Manage a project's security risk assessment: fill out questionnaires and interact with Subject Matter Experts with the objective of obtaining an approval for the project.
- Support a Project Manager in the definition of their implementation plan for the security design, monitor and review the project deliveries while you collect evidence of the implementation.
- Organize and manage pen-tests performed by Group-level and by external pen-test organizations. Validate, distribute and monitor security action items reported by pen-tests to those who are responsible and set action due dates.
- Perform a hands-on Security configuration review for applications or project-oriented parts of the infrastructure.
- Perform a review of IT General Controls executed by other parts of IT, or perform the execution of the IT Control, e.g. in topic areas such as continuity management, change management or re-certification of access rights.
A successful candidate will report to the Head of Security, Governance, Risk and Compliance.
Strong command of the English and German languages, both verbally and in writing, is sought after.
Candidates should be able to show at least 5 years of full-time experience in a GRC or Security position.
For all permanent positions based in Switzerland, SWISSTECH Recruitment works with their SECO licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Please submit applications and direct any enquiries directly to SWISSTECH Recruitment.