#16338_R226895
Conduct comprehensive risk assessments of IT systems, applications, and business processes
Maintain and contribute to risk management frameworks and methodologies
Ensure compliance with relevant industry standards and regulations
Identify, document, and manage risks in the risk register
Collaborate with IT and business teams to implement risk mitigation strategies
Monitor, assess, and report on the effectiveness of risk management controls
Independently manage and successfully complete multiple audits as the auditee, from preparation to closure
Assist in reviewing security incidents and their potential impact on business operation
Monitor vulnerabilities and assist IT teams with tracking vulnerability management remediation
What We Are Looking For:
Education: Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field. Master's degree is a plus.
Experience: 3-5 years in IT risk management/governance or information security with a heavy focus IT compliance.
Heavy exposure to business processes, providing IT compliance advisory services to the business.
Proven track record in IT risk assessments and mitigation actions.
Demonstrated ability to independently manage multiple IT audits end-to-end as the auditee.
Technical Knowledge: Strong understanding of IT governance frameworks (e.g., COBIT, ITIL) and risk assessment methodologies (e.g., FAIR, OCTAVE, NIST RMF).
Compliance Expertise: Must have experience with multiple compliance frameworks, including ISO 27001 and CMMC. Familiarity with GDPR, HIPAA, PCI DSS, TISAX, DFARS-252.204-2017, FedRAMP and SOX is highly desirable.
Tools and Technologies: Proficiency in risk management and GRC (Governance, Risk, and Compliance) platforms.
Business Acumen: Understanding of business processes and their intersection with IT systems.
Project Management experience is a plus!
Key Competencies
Excellent communication and presentation skills, including the ability to explain complex technical concepts to non-technical stakeholders.
Proven ability to manage and successfully complete audits independently, demonstrating strong organizational and documentation skills.
Strong analytical and critical thinking abilities.
Adaptability to keep up with evolving compliance & regulatory changes, security threats, and technologies.
Collaboration skills and ability to work in cross-functional teams.
Effective time management, especially during busy ISO and other audit cycles.
Strong ethical behavior and commitment to maintaining confidentiality.
Experience working with publicly traded companies and/or firms under multiple certifications is highly valued.
Preferred Qualifications
The ideal candidate is one that has worked in lockstep with various business units from an IT Risk advisory perspective.
Candidates that have been auditees and handled end to end ISO 27001 audits from inception to closure.
Relevant certifications (e.g., CRISC, CISM, CISSP, CISA, RMP)
Experience with cloud security compliance and emerging technologies
Knowledge of IoT and AI/ML security implications
What's In It For You:
At Arrow, we recognize that financial rewards and great benefits are important aspects of an ideal job. That's why we offer competitive financial compensation, including various compensation plans, and a solid benefits package.
Remote work!
Medical, Dental, Vision Insurance
401k, With Matching Contributions
Paid Time Off (including sick, holiday, vacation, etc.)
Health Savings Account (HSA)/Health Reimbursement Account (HRA) Options
Growth Opportunities
Short-Term/Long-Term Disability Insurance
And more!
Annual Hiring Range/Hourly Rate:
$70,300.00 - $100,089.00
Actual compensation offer to candidate may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level. The pay ratio between base pay and target incentive (if applicable) will be finalized at offer.
Location:
US-GA-Alpharetta, Georgia (Morris Rd)
Time Type:
Full time
Job Category:
Information Technology
EEO Statement:
Arrow is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, gender, age, sexual orientation, gender identity, national origin, veteran or disability status. (Arrow EEO/AAP policy)
We anticipate this requisition will be open for a minimum of five days, though it may be open for a longer period of time. We encourage your prompt application.