Job Description
<strong>Our Purpose</strong>At Majesco, we believe in connecting people and business to Insurance in ways that are Innovative, Hyper-Relevant, Compelling and Personal. We bring together the brightest minds to build the future of Insurance; a world where Insurance makes life and business easier, more connected and better protected.<strong>Cybersecurity GRC Specialist</strong>The Cybersecurity Governance Risk and Compliance Specialist is responsible for ensuring that the organization's operations and procedures meet industry compliance standards. This role will research regulations and policies on behalf of the enterprise, communicate the necessary requirements, apply for certifications, and serve as a subject matter expert on all compliance-related matters. As part of a growing Technology team, the Cybersecurity GRC Specialist will play a key role in supporting the security direction of the business, promoting strong risk management and compliance with security-related obligations. <strong>Roles and Responsibilities </strong><ul> <li>Facilitate and respond to customer and compliance audit questions regarding Cybersecurity policy and controls operated by IT (Information Technology) and the business</li> <li>Examine internal IT controls, evaluate the design and operational effectiveness, determine exposure to risk, and develop remediation strategies.[JG1] </li> <li>Conduct and respond to Third Party Vendor Risk Assessments to identify and safeguard against undue risk presented by external entities</li> <li>Document and monitor the implementation of Cybersecurity polices and Cybersecurity controls for people, process, and technology across the business</li> <li>Discuss with stakeholders across the business key Cybersecurity control objectives</li> <li>Identify and document business risks, and work with various stakeholders including other members of the Cybersecurity team providing support in governing the risk remediation and risk acceptance processes</li> <li>Help develop and improve Cybersecurity metrics that are distributed to senior management</li> <li>Provides guidance and risk assessments of new and existing solutions, services, and business processes</li> <li>Develop and support policy documents with supporting procedures in support of compliance and Technology</li> <li>Provide recommendations and guidance on identified security and control risks.[JG2] </li> <li>In addition to GRC duties there will also be the need to implement and support various Cybersecurity controls in the organization</li></ul><strong>Key Qualifications</strong>For consideration, you must bring the following minimum skills and behaviors to our team: <ul> <li>Proven success in security, information technology or technology risk management related work experience</li> <li>Two or more years of GRC experience with a strong understanding of how to design and execute compliance activities</li> <li>Understanding of CIS Frameworks, NIST Cybersecurity Framework, ISO, SSAE18 SOC, or other industry standards</li> <li> In addition, preferable skills and behaviors include: <ul> <li>Effective communication and organizational skills, ability to multitask, strong attention to details, excellent problem solving, and follow-up skills required. </li> <li>Work independently, make decisions and multi-task effectively in a truly diverse, project-oriented environment. </li> <li>Excellent written communication and time management abilities </li> <li>Program Management (using frameworks, establishing policies and controls for compliance requirements) </li> <li>Comfort working with a globally dispersed team relying heavily on communication/collaboration tools and being able to be your own project manager</li> </ul></li></ul><strong>Education</strong> A Bachelor's Degree (or equivalent) and 4+ years of experience in one of the following functions: Corporate/Risk Governance, Compliance, Audit, Cybersecurity, Inf