Governance Risk & Compliance Resume Sample
Work Experience
- Participate in firm wide and other department projects / initiatives as a GRC representative / subject matter expert to provide GRC guidance and interpretation of rules, regulations, risks, and best practices. Create and implement policies, procedures, training and communication of the new policies and procedures to support these projects
- Participate in the filing and creation of the GRC goals
- Mentor and educate team members on current industry technology and issues
- Ensure that IT computers and supporting infrastructures are validated and qualified according to IT policies, procedures and standards
- Manage at least 1 Vaccines IT risk on behalf of the IT Vaccines Leadership team and represent Vaccines IT in global IT risk category boards
- Manage at least 1 local SOP and represent Vaccines IT in ITMS SOP and IBM programs (incl. Deployment to Vaccines)
- Support audit and inspections
- Experience in developing, implementing, and/or managing large-scale, high profile corporate programs
- Able to articulate thoughts clearly, plan initiatives, and execute with appropriate urgency
- At least one (1) year of GRC (governance, risk, compliance) experience with methodologies, activities, tools and enablers in a highly regulated industry and two (2) – four (4) years of experience in business process analysis, project methodology, or systems development life cycle through education or on-the-job experience, required
- Demonstrate a strong understanding of various compliance and regulatory areas (e.g. SOX, PCI, FFIEC) or the risk register, risk exposure, risk reporting and handling of risk events
- Demonstrable analytical capability
- Develop the strategic plan and roadmap to mature the initial implementation of our RSA Archer/GRC application
- Leverage industry and technical expertise to assist management to address more effectively risks associated with the business
- Assist management in the assessment of project risks and controls
- Apply the concepts of Enterprise Risk Management to help identify, assess, mitigate and proactively consider emerging risks
- Establish and communicate priorities across the enterprise that balance the platform's strategic plan with short term goals and ad hoc needs
- Enhance internal audit functions to further align to company strategy and risk
- Lead a team of Archer Analysts responsible for the GRC program
- Coaches and collaborates with associates who assist with this work, including providing coaching, feedback and guidance on work performance
- Create and manage access recertifications and entitlement reviews for user and privileged access
- Understand corporate strategic plans and fundamental business activities of the NFL and its member Clubs. Maintain current knowledge of applicable cyber threats, regulatory and compliance issues related to information security. Based on this knowledge, develop, maintain and oversee an enterprise-wide GRC strategy and framework aligned with the NFL’s business strategy
- Lead the IT department’s Business Continuity Planning and the league’s overall Disaster Recovery Program. Work with NFL’s Physical Security to confirm, and continue to revise as necessary the NFL’s overall BC/DR Plan
- Identify and understand management’s controls to be able to assess design adequacy and test operational effectiveness
Education
Professional Skills
- Excellent analytical, decision making and time management skills. Mature planning, organizing and delegation skills
- Strong analytical and problem solving skills to identify, analyse and mitigate GRC related risks in existing processes, policies and procedures
- Demonstrable leadership and interpersonal skills with experience in mentoring team members
- Strong experience in developing and managing technical solutions that include
- Polished communication skills including the ability to actively listen to the needs of the business
- Skills in accelerating change
- Strong knowledge and experience in managing complex project plans with interdependencies between many different projects and initiatives
How to write Governance Risk & Compliance Resume
The Governance Risk & Compliance role is responsible for business, leadership, organizational, interpersonal, security, technical, organization, analytical, finance, training.
To write a great resume for a governance risk & compliance job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Governance Risk & Compliance Resume
The contact information section is important in your governance risk & compliance resume. The recruiter has to be able to contact you ASAP if they would like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Governance Risk & Compliance Resume
The work experience section is an essential part of your governance risk & compliance resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous governance risk & compliance responsibilities. It's meant to present you as a wholesome candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular governance risk & compliance position you're applying to.
The work experience section should be the detailed summary of your latest 3 or 4 positions.
Representative Governance Risk & Compliance resume experience can include:
- Strong critical thinking skills and ability to manage multi-projects with prioritization
- Excellent verbal and written communication skills, including attention to detail
- Demonstrated skills in collaboration, teamwork, and problem-solving to achieve goals
- Demonstrated organization, facilitation, written and oral communication, and presentation skills
- Strong communication skills, both oral and written with ability to write reports
- Excellent interpersonal and communication skills, both written and verbal
Education on a Governance Risk & Compliance Resume
Make sure to make education a priority on your governance risk & compliance resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your governance risk & compliance experience. For example, if you have a Ph.D in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Governance Risk & Compliance Resume
When listing skills on your governance risk & compliance resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume. Here is a list of typical governance risk & compliance skills:
- Strong analytical and critical thinking skills with demonstrated ability to apply these skills to resolve complex business issues
- Strong problem solving skills with the ability to turn findings into executable plans and timely problem escalation
- Demonstrated leadership and team development skills, with the ability to drive performance and the attainment of common goals
- Demonstrated leadership skills with the ability to work independently and collaboratively across various levels
- Proven ability to communicate effectively (oral and written) with customers, peers, management, contractors, and vendors
- Strong organizational skills with an attention to detail and entrepreneurial spirit
List of Typical Experience For a Governance Risk & Compliance Resume
Experience For Governance, Risk & Compliance Analyst Resume
- Demonstrated knowledge and experience in information privacy and security laws and practices (ISO 27000, PCI DSS, HIPAA, SOC, SOX, GLBA, GDPR)
- Hands on experience designing, and configuring GRC software like the RSA Archer, MetricStream, etc
- Experience developing Governance Structure
- Experience normalizing requirements to create risk libraries and mappings to a single source
- GRC experience in at least one of the following areas: privacy, risk assessments, third party management, and vulnerability management
- Experience working in an IT organization with global operations desirable
Experience For IT Governance, Risk & Compliance Manager Resume
- Experience working in a shared services IT model desirable
- Provide consultancy on project and services to support mitigation of risk and control implementation leading to effective risk management
- Experience with WBS (Work Breakdown Structure)
- 3 – 5 years relevant experience in one or more functions: information technology, software engineering, or computer networking
- 3 – 5 years relevant experience in one or more functions: risk management, audit, compliance, or privacy
- Manage phishing campaigns, phishing training, testing, reporting, and consequence management
Experience For Manager, Governance Risk & Compliance Resume
- Developing an annual internal compliance testing program, i.e. a work plan that reflects VCI’s highest non-financial risks
- Developing an annual internal compliance testing program, i.e. a work plan that reflects VWGoA’s risks
- Be accountable for consistent and significant chargeability levels and for assisting in meeting or exceeding revenue and customer satisfaction goals
- Provides consultancy on applying and improving security architecture and product standards enabling optimization
- Exposure and understanding of GRC tool and technology implementation, risk assessments, risk metrics and dash-boarding
- Manage the SAP GRC application and oversee the GRC application support model engaging technical teams when necessary
Experience For Manager, Governance, Risk & Compliance Resume
- Establish procedures for ongoing vendor assessments, risk management, and remediation program governance
- Manage team responsible for responding to customer audit requests and proposal responses with input from other security team members
- Incorporate into HR onboarding
- Identify and implement process improvements while driving issue resolution/risk mitigation activities
- Build and maintain formal process documentation including procedures and process flow diagrams
Experience For Manager, IT Governance, Risk & Compliance Resume
- Develops and leads risk awareness campaigns, raising engagement with end users in alignment with local requirements
- Regional support of policy and standards exceptions leading to higher adoption rates
- Professional designation would be considered an asset (e.g. CIA, CISA, CA, CGA, CMA)
- Identify and communicate to the organization’s leadership the associated risks of vendor provided processes and services in support of critical operations
- Manage the development, maintenance and strategic direction of the company’s Business Continuity Program by leading a team that works closely with all business units to implement and manage the enterprise business continuity strategy and plans
- Practical security, risk and compliance experience
Experience For VP, Governance, Risk & Compliance Resume
- Ten (10)+ years’ experience in Security and Compliance
- Desired: (ISC)2 Certified Information Systems Security Professional (CISSP)
- Lead effort to assess, evaluate, and make recommendations regarding the adequacy of the security controls for CWB Group’s information technology systems and infrastructure with respect to the confidentiality, integrity, and availability of CWB Group data
- Strong experience in defining business and functional requirements and working with technology teams to support these requirements through automation using GRC software
- Experience mapping of Requirements, Risks and Controls
- Exposure to regulatory mandates such as GLBA, HIPAA, PCI and SOX
- Exposure to risk management frameworks such as ISO 27001, NIST and COBIT
Experience For Governance, Risk & Compliance Solutions Lead Resume
- Proven track record in designing and implementing risk management and GRC processes in one or more of the following risk areas: Information Security Risk, IT Risk, and Third Party Risk
- Develops and maintains the organization’s relevant associated compliance policies and procedures
- Assists with the development of compliance training content for debt collection and other services within the organization’s role based Training and Development Program for colleagues
- Works with IT and operations to monitor workflow routines to ensure accounts are worked in accordance with the organization’s policies and procedures and only in jurisdictions where the appropriate licensing and bonding is maintained
- Executes the organization’s vendor and service provider oversight program in compliance with CFPB requirements
- Assists with the maintenance and administration of the company’s eGRC system (Archer)
Experience For Governance, Risk & Compliance Specialist Resume
- Prepare reports for VWGoA’s Chief Compliance Officer to present to company management
- Identify and communicate to the organization’s leadership, the associated risks of vendor provided processes and services in support of critical operations
- Identify and document the GRC user group’s requirements. User group to include Enterprise Risk Management, Operational Risk Management, Legal Entity Management, Internal Audit, Information Security, SOX, Reg SCI and Business Continuity
- Translate the GRC user group’s requirements to the vendor or internal technology team in order to ensure user group’s requirements are understood and met
- Experience in the areas of Regulatory Compliance, Operational Risk, or Enterprise Risk
- Act as an expert providing direction and guidance to process improvements and establishing policies. Frequently represents the organization to external clients
- Any of the following would be considered an asset
- Chartered Professional Accountant designation (i.e. CPA-CA) or Professional Internal Audit Designation (i.e. CIA)
- Risk management designation (e.g. CFA, PRM, FRM)
Experience For Senior Analyst Governance, Risk & Compliance Resume
- Actively lead efforts related to the development of IRM requirements and the continued program development and management of Bank’s Governance, Risk and Compliance (GRC) platforms
- Monitor appropriate sources for newly identified vulnerabilities, evaluate the risk such vulnerabilities pose to the organization’s information and systems, and advise management of appropriate measures to eliminate or reduce the organization’s risk or exposure to such vulnerabilities
- Monitor appropriate industry sources to maintain awareness of new security tools and techniques and research those tools and techniques that have the potential to improve the organization’s ability to protect its information and infrastructure
- Experience in an IT Governance, Risk or Compliance role
- Regularly exercise significant independent judgment within broadly defined policies and practices to determine best method for accomplishing work and achieving objectives
- Coordinates various eGRC repository system improvement projects and activities to enhance system of record and maintain effective process controls
- Apply advanced subject matter knowledge to complex business issues, and is regarded by others within DXC as a subject matter expert
Experience For Director, Governance, Risk & Compliance Resume
- Interacts with IT and business stakeholders to understand risks to critical infrastructure by defining potential business impact with the responsibility to apply effective mitigation strategies through the information security incident management processes
- Provides leadership to the team responsible for detecting and minimizing the impact of security breaches to the JCFS organization
- Maintains expert knowledge in the field of risk management including qualitative and quantitative risk management, information inventory management, data collection and analytics
- Forges relationships with local and federal law enforcement agencies in order to stay apprised of potential external threats to JCFS and have additional resources available when required
- Ensures policies and procedures are documented and updated according to SCUSA regulatory standards, deadlines are met, approvals obtained, guidelines followed, repository usage understood, and repository / system of record up-to-date as defined by the IT Governance program
- Engages with technical process owners to understand technical process steps, draft procedures, and drive toward a completed documentation that aligns with the IT Governance program
- Coordinates the execution of control mechanism/testing against technical procedures to ensure they are being executed in an accurate and timely manner and documented in the repository system with required artifacts, while providing assistance to clients to ensure quality and compliant results
List of Typical Skills For a Governance Risk & Compliance Resume
Skills For Governance, Risk & Compliance Analyst Resume
- Excellent oral/written skills with the ability to communicate in both technical and business terms
- Project Management including time management and organizational skills
- Some SAP Security experience / SAP Module experience (Finance, Sales & Distribution, Materials Management, and Production)
- Effective time management and excellent team player
- The key skills and job responsibilities include the following
- Effectively engages JCFS business partners, suppliers and vendors to properly tune and maximize capabilities to leverage production infrastructure
Skills For IT Governance, Risk & Compliance Manager Resume
- Learn and continuously develop technical skills
- Technology experience, including troubleshooting and performing root cause analysis
- Sense of urgency in implementing programs and evaluating priorities; decisive, action-oriented and practical
- Experience in delivering results within a high pressure, fast changing, matrixed environment
- Current testing knowledge and demonstrated ability to perform and analyze results in a complex computing environment
- Experience working with Network Enterprise personnel to ensure that IA security awareness, basics, literacy and training are provided to operations personnel
- Experience working within a Risk function including
Skills For Manager, Governance Risk & Compliance Resume
- Experience in Master Data Governance (MDG) solutions including MDG strategy, governance strategy, data profiling and MDG architecture
- Operates with passion and real drive when pursuing goals
- Demonstrated knowledge in auditing, risk and compliance for technology
- Highly analytical and effective communicator capable of influencing other teams and departments
- Detailed understanding of security management and assurance practices, with hands on experience
- Experience in working with clients to capture requirements and formulate solutions
- Professional experience offering advice in Information Security
- Experience in accounting, internal and/or external audit
- Ability and experience working across multiple industry verticals to develop an integrated organizational IT Security & Risk Strategy
Skills For Manager, Governance, Risk & Compliance Resume
- Experience designing organizational IT Security Architecture, infrastructure and applications
- Experience working with external cyber intelligence organizations, such as MS-ISAC (NERC), ICS-CERT (DHS), FBI
- Relevant experience working in Information Security
- Experience working with fragmented data to create metrics and reports for individual contributors to C-level executives
- Demonstrated familiarity with State and Federal regulations including HIPAA, GLBA, SOX, and PCI
- Show tact, discretion, confidentiality and good judgement in handling sensitive and confidential matters and documentation
- Broad knowledge and experience in SAP GRC, specifically in Access Controls (Access Request Management (ARQ) and Access Risk Analysis (ARA))
- In-depth experience in security incident management processes and tools
- Maintain a strong understanding of global regulations for Information Technology, data privacy, and vendor management
Skills For Manager, IT Governance, Risk & Compliance Resume
- Develop and prepare governance KPI reports on status of risk assessment, control effectiveness, gap remediation, internal audit and examinations
- Experience in IT GRC, IT Security, Privacy and/or IT Audit role
- Experience of working with information security frameworks/standards (e.g., ISO27001, NIST, COBIT, PCI, etc.)
- Identify, develop, and operate compliance initiatives and programs
- Experience in the Information Security Compliance function within a Governance, Risk and Compliance (GRC) organization
- Working knowledge of leading reporting and business intelligence systems
Skills For VP, Governance, Risk & Compliance Resume
- Working knowledge of Committee of Sponsoring Organizations (COSO2013) Integrated Internal Controls and Risk Management Framework
- Working knowledge of general audit principles, controls processes and frameworks, metrics collection and reporting
- Working knowledge of Governance, Risk and Compliance concepts and solutions in the GRC market (EMC Archer, MetricStream, BWise, SAP, etc)
- Working knowledge of GRC and/or ERP financial application software
- Ensures a comprehensive understanding of existing requirements and ongoing monitoring of new requirements
- Areas of focus for hiring: Business Continuity Management, Control Oversight (assessment, design and monitoring) related to revenue processing and/or Privacy
- Provide training during onboarding
Skills For Governance, Risk & Compliance Solutions Lead Resume
- Support the CISO in establishing annual and long-term goals, defining risk and governance strategies, metrics, and reporting mechanisms
- Establish metrics and reporting to identify compliance gaps. Ensure there is no financial risk by managing tech debt appropriately
- Work closely with Training, Marketing, and Corp Communications on strategy and implementation of compliance communications
- Perform auditing of systems to ensure offboarding actions have been completed
- Quarterly reporting of IT Risk monitoring for Funds
- Maintain awareness of laws and regulations governing IT risk, compliance, audit, privacy and security, including GDPR
- Willingness to challenge and question the status quo, making recommendations for options and best solutions
Skills For Governance, Risk & Compliance Specialist Resume
- Able to analyse and think through highly complex issues, but then appropriately execute and implement against a well thought through framework in a seamless manner
- Understanding of audit, control, and standards such as SOX, ITGCs
- Expert understanding of IT General Controls (ITGCs) and COBIT, state and federal regulatory requirements, and industry best practices
- Proficient with US regulatory compliance and enterprise risk management standards in a consumer lending company
- Preferably one or more security certification among the following: Lead Auditor ISO27001, CISSP, CISA, CISM
Skills For Senior Analyst Governance, Risk & Compliance Resume
- Passionate around creativity, constructively and courageously challenging ‘the status quo’ with willingness to act as a change champion/catalyst
- Lead information security and cybersecurity technology planning and implementation
- Familiarity with standard risk frameworks, including ISO 27000, SANS, NIST 800-53, and standard compliance frameworks
- Recognized SME with ability to apply knowledge and influence other functions regarding best practices
- Maintain a working knowledge of applicable compliance drivers (SOX, PCI, GDPR, etc.)
- Create communication strategies for educating audience
- IT Governance in Onboarding
- Incorporate IT policies and communications into the HR onboarding process
- Work with SOX auditors to assist with updating controls
Skills For Director, Governance, Risk & Compliance Resume
- Coordinate updating of annual technology vendor questionnaires
- Promote security awareness and adoption of IT GRC standards and practices with all staff members including vendors
- Remain current on emerging security and privacy risks, trends and technologies and share with team
- Identify recurring problems and recommend proactive measures to eliminate them
- Possible travel to VWGoA locations outside Herndon, VA
- Identify ‘like’ requirements from varied users in order to implement an integrated platform
- Some exposure to SAP GRC Process Controls and Access Violation Management
- Experience communicating with senior management - ability to present findings as well as recommendations in both oral and written presentations to senior management
List of Typical Responsibilities For a Governance Risk & Compliance Resume
Responsibilities For Governance, Risk & Compliance Analyst Resume
- Create and effectively deliver presentations to clients
- Comfortable and effective in building partnerships with organizational leaders and influencing senior management
- Manage multiple projects with changing/shifting/dynamic priorities
- Strong knowledge of Cloud Security requirements
- Experience with GRC/ERM tools (i.e. RSA Archer, MetricStream, SAP GRC, Logicmanager, etc.)
- Provide strategic direction on developing, implementing auditing and risk management tools, processes, and metrics
- Coordinates and organizes IT GRC-related meetings, prepare meeting agendas, record and maintain meeting minutes, and ensure follow-up items are tracked
Responsibilities For IT Governance, Risk & Compliance Manager Resume
- Keep abreast of developing regulatory changes and assist in providing guidance to agree on new requirements
- Assist in developing an annual internal compliance and risk management testing program
- Assist with implementing controls consistent with framework
- Knowledge and understanding of relevant legal, regulatory and privacy requirements
- Continuously identify, assess, measure and monitor information technology risk by performing hands-on risk assessments
- Identify opportunities to reduce risk and document remediation options regarding acceptance or mitigation
- Continuously identify, assess, measure and monitor information technology risk by performing hands-on, data-driven risk assessments
Responsibilities For Manager, Governance Risk & Compliance Resume
- Develops, maintains and executes risk assessments
- Tracks and follows up on risk events
- Oversee a team of SMEs in the SAP GRC space
- Maintain a global SAP security design in roles and user assignments
- Identify strategic, operational and systemic compliance related issues both internally and externally. Negotiates with and influences stakeholders to resolve issues by developing proposals, outlining solutions, and negotiating time commitments and resources affecting efficiency and accuracy within the supply chain
- Implement and maintain a Controlled Entity audit and governance program
Responsibilities For Manager, Governance, Risk & Compliance Resume
- Manage internal governance processes such as security architecture reviews, exception management, and policy management
- Lead preparation activities for regulatory inspections, 3rd-party audits, customer reviews, and internal audit requirements. Identify potential areas of risk, and develop risk mitigation strategies
- Maintain the security awareness program to educate GBT employees and 3rd parties of security controls and processes appropriate for maintaining IT systems, data privacy, and customer security
- Identifies and develops corrective actions to remediate gaps and drives the implementation of corrective actions and assesses the results
- Responsible for alignment of the compliance strategy and maintenance of GBT procedures and policies
- Exhibit strong communication, collaboration and conflict management skills to establish and maintain relationships with GBT business functions, customers, and 3rd parties
- Provides risk reviews with risk and compliance and collaboratively maintain strategies around the reporting of and maintenance for IT and 3rd party risk
Responsibilities For Manager, IT Governance, Risk & Compliance Resume
- Maintains a compliance program that outlines a strategy to ensure compliance with global policies and standards
- Select and manage the deployment of eGRC solution to assist with the maintenance of risk and policy compliance
- Develop, track, maintain common controls and status to ensure alignment with policies, standards, and regulatory requirements
- Continuously identify & assess IT-related risks to critical assets, vulnerabilities, and the adequacy of security controls
- Support and assign responsibility of control owners and ensure stakeholders are prepared for compliance audits
- Ensure we are compliant with contractor governance, on target for passing internal and FTC audits, and raise any high-profile risks to the Business Operations Lead and CIO
- Identify, research, and evaluate new compliance requirements and present them to the team and leadership
Responsibilities For VP, Governance, Risk & Compliance Resume
- Drive coordination with various teams to develop and implement controls across the organization to meet regulatory compliance requirements
- Hold accountability to manage, track and control project issues to ensure timely delivery of solutions
- Understand the governance needs of internal and external stakeholders, regulators, and auditors
- Serve as an internal risk and compliance subject matter expert while interfacing with applicable departments, groups, and individuals on relevant initiatives and concerns
- Maintain and ensure that systems sufficiently and consistently perform and fulfill current compliance needs
- Serve as liaison to, and foster good working relationships with, attorneys and others needing assistance with information governance issues. Assess, formulate, monitor, and support governance practices of internal compliance requirements primarily in the fields of information security and data privacy
- GRC Roadmap ownership: assess current GRC posture, create a roadmap for improvement, implement improvements, and continually improve roadmap against organizational posture
- Conduct, document, and report on internal and third-party risk assessments to drive improvements and overall risk reduction
Responsibilities For Governance, Risk & Compliance Solutions Lead Resume
- Participate with IT Compliance team toward applicable compliance related documentation and analysis as required by internal IT Security, IT Governance, and/or external authorities and regulatory bodies
- Recommend and contribute to the evolution of appropriate KPIs
- Identify, implement, and maintain GRC systems to support organizational needs
- Managing a team of 3-5 risk professionals and using a metrics based approach, understand and improve current processes to meet the evolving needs of the organization
- Works as an advisor to the business areas to plan for vendor solutions towards managing the information security risk. Leads the escalation and resolution of issues with appropriate leadership including business, security, privacy, legal, compliance and IT teams towards expanding risk based approach to other GRC functions
Responsibilities For Governance, Risk & Compliance Specialist Resume
- Supports our enterprise Compliance program and audit initiatives with strong understanding of security, risk frameworks, key controls library part of enterprise governance, risk management and compliance (GRC) program and associated tools
- Experienced Information Security professional/Security Audit professional/Security Compliance professional/Cloud Security professional for enterprise technology solution
- Works closely with GRC Director towards overall program rollout and providing risk based operational metrics/management support
- Extremely metrics driven, understands, develops and delivers meaningful dashboards and reports to a wide audience demonstrating our current program state and adherence to framework standards
- Develop standard operating procedures (SOP) and other appropriate documentation to enforce quality and consistency of the services this team provides. Participates actively in GRC service offering through envisioning and evangelizing tool capabilities and improvement opportunities
- Improve operational efficiencies, create repeatable operating procedures, lead and encourages metrics based management culture. Design and report 3rd party risk management metrics to security governance leaders to enable risk oversight and governance
- 3rd Party Services Risk management Program
Responsibilities For Senior Analyst Governance, Risk & Compliance Resume
- Perform annual maintenance and audit of NIST Cybersecurity Framework across organization
- Recommend risk mitigation strategies
- Document, implement and communicate IT policies and procedures
- Facilitate annual acknowledgement as required
- Work with IT and business teams to ensure systems and applications compliance
Responsibilities For Director, Governance, Risk & Compliance Resume
- Oversee records retention requirements within the systems to be compliant with Records Retention schedule (2016 start)
- Incorporate Global Privacy laws and regulations
- Incorporate IT controls for HIPAA
- Oversight of Vendor/Managed Services Risk Governance
- Work closely with VMO to ensure security documentation is received for all new vendors
- Management and review of new vendor questionnaires
- Ensure compliance controls within vendor contracts