Expoint - all jobs in one place


HP Governance Risk Compliance 
United States, Texas 
595534659

20.03.2025
Governance Risk and Compliance

Key Responsibilities:

  • Lead the development and implementation of cyber risk management strategies using the FAIR model and SafeSecurity platform.

  • Conduct comprehensive risk assessments and quantify cyber risks in terms of loss magnitude and likelihood.

  • Collaborate with cross-functional teams to identify, assess, and mitigate cyber risks.

  • Provide expert guidance on GRC practices and ensure compliance with industry standards and regulations.

  • Implement and integrate the NIST Cybersecurity Framework (CSF) into the organization's GRC practices.

  • Develop strategies to align the organization's cybersecurity efforts with the NIST CSF, including identifying, protecting, detecting, responding, and recovering from cyber threats.

  • Communicate risk findings and recommendations to senior leadership and stakeholders.

  • Stay current with emerging cyber threats, vulnerabilities, and best practices in risk management.

Qualifications:

  • Bachelor's degree in Information Security, Cybersecurity, Risk Management, or a related field. Advanced degree preferred.

  • Minimum of 10 years of experience in GRC, with a strong emphasis on risk management.

  • In-depth knowledge of the FAIR model and experience using the SafeSecurity platform.

  • Proven track record of conducting risk assessments and developing risk mitigation strategies.

  • Strong understanding of the NIST Cybersecurity Framework (CSF) and experience implementing it in GRC practices.

  • Strong understanding of industry standards and regulations related to cybersecurity and risk management.

  • Excellent analytical, problem-solving, and communication skills.

  • Ability to work effectively in a fast-paced, dynamic environment.

Preferred Skills:

  • Certifications such as CISSP, CISM, CRISC, or similar.

  • Experience with other cyber risk management frameworks and tools.

  • Strong leadership and project management skills.


• This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.

Data & Information Technology

Full time

No shift premium (United States of America)



Please be assured that you will not be subject to any adverse treatment if you choose to disclose the information requested. This information is provided voluntarily. The information obtained will be kept in strict confidence.