GRC Specialist - Melbourne, Australia - Capstone

Capstone
Verified Company
Melbourne, Australia

1 week ago

Posted by: Olivia Brown, beBee Recruiter


Description
  • 6 Month Contract + Further Extensions
  • Melbourne CBD Location
  • 1 Day in the Office
  • Great Daily Rate $$$

GRC Analyst/Specialist - Archer


We currently seek an experienced GRC Analyst/Specialist who can manage Cyber Security Risk & Compliance capabilities including reporting, confirmation, reviews, and mitigation activities.


You will also be required to set up and configure a recent Archer implementation with key data such as the risk library, attestation questionnaires, policy clauses, and metrics.


You will be an experienced individual who works well with a global team, is self-motivated and driven, and can equally work alone based on clear requirements and expectations.


Key focus areas and capabilities will be as follows:

  • Significant and proven experience setting up and configuring Archer to support Cyber GRC processes.
  • Experience with Cyber GRC processes and in particular experience with the NIST Framework.

Key areas of responsibility include configuring Archer to deliver the following:

  • Risk management - setting up risk libraries and developing risk management processes.
  • Audit and compliance management - setting up self-attestation questionnaires and developing an annual audit and compliance programme.
  • Project Review - developing process & associated Archer configuration.
  • Third Party Risk Management - setting up Archer to allow business units to complete tiering and reviews and provide a global view and reporting of vendors and risks.
  • Security Controls Library - set up Archer with security controls and map these to NIST Categories and sub-categories.
  • Maturity Assessment - set up a self-service maturity assessment process in Archer, providing a view of maturity against the NIST framework.
  • Exemption management - include risk library and controls library support for the exemption process.
  • Metrics & Reporting - configure Archer to provide operational and executive level reporting to cover the above-mentioned domains.


Expertise Required

  • 5+ years of work experience in information security and audit, particularly in the Governance, Risk and Compliance area.
  • 5+ years of experience with regulatory compliance and security management frameworks (e.g. ISO27000, COBIT, NIST 800).
  • Proven experience analysing, applying, and reporting on requirements relating to Cyber Security compliance and risks.
  • Proven experience setting up and working with Archer, SharePoint, Teams and Business Analytics reporting tools like Power BI.
  • Has good judgment, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity.
  • Has the ability to interface with, and gain the respect of, stakeholders at all levels and roles.
