Security GRC Specialist - Legal & Insurance

We are seeking a Security GRC (Governance, Risk, and Compliance) Specialist to join our client's team in Austin. 

As a Security GRC Specialist, you will be responsible for managing various aspects of governance, risk, and compliance activities, ensuring alignment with industry frameworks and standards. The ideal candidate will possess strong knowledge of security frameworks, vendor management, and security control maturity, along with exceptional problem-solving skills and a proactive approach to GRC.

Key Responsibilities:

• Third-Party Vendor Management: Respond to security assessments, questionnaires, and audits from clients and third-party partners. Perform assessments and ensure compliance with security requirements.
• Policy Management: Lead in the creation and maintenance of security policies, standards, processes, guidelines, and support documentation. Technical writing for policies, standards, and communications.
• Compliance Management: Evaluate and support processes to ensure IT systems meet cybersecurity and risk requirements. Conduct evaluations to determine compliance with published standards. Manage exception requests and track security control exceptions.
• Assessment Management: Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
• Advisory Services: Serve as a subject matter expert for Information Security consulting to technical and non-technical management and staff.
• Security Awareness Management: Align, define, and execute security awareness training. Evaluate cyber training/education courses and methods.
• Administration of GRC Technology Platforms.

Requirements:

• Strong knowledge of security frameworks (ISO, NIST, SOC, STIG).
• Experience in vendor management and security control maturity.
• Familiarity with threat detection and lifecycle management.

Nice to Haves:

• Understanding of SIEM Solution Tools, Email Security & Forensics, Detection & Intrusion (working knowledge, not hands-on).
• Exceptional problem-solving skills and creative thinking.
• Dynamic and agile learner willing to take initiative and get involved in GRC activities.

Extra Qualities:

• Proactive approach to GRC challenges.
• Ability to think creatively and propose innovative solutions.
• Dynamic and agile mindset, eager to contribute to GRC initiatives.

Location: 

• Hybrid - Austin (Monday & Fridays WFH, Tuesday, Wednesday & Thursday in office)

Salary: 

• $120,000 - $135,000 Base per annum

If you possess the required skills and are looking for an opportunity to make a significant impact in the realm of security GRC, we encourage you to apply for this position.