IT Governance Risk & Compliance Senior Associate - Global - (732)
Business/Department: Global Shared Services
Job Category: Information Technology
Location: Various locations including Mumbai, New Delhi, Mexico City, or Johannesburg
Closing Date: 16/11/2024
ABOUT DALBERG
We are a global group working to build a more sustainable planet and inclusive societies where all people can thrive. As a diverse, purpose-driven community of professionals, we collaborate with local communities and global networks to create bold and equitable solutions and develop the next generation of impact leaders.
ABOUT YOU
We are seeking an individual for the role of IT Senior Associate - Global Governance Risk and Compliance in our Global Shared Services IT Team (GSS-IT) who can lead the identification of projects and collaborate with multiple pillars to enhance the standardization, efficiency, and maturity of the GRC function. Specifically, you are eager and able to demonstrate the competencies below:
- In-depth knowledge of ISO27001 and GDPR standard and control requirements.
- Knowledge of Data Privacy/GDPR concepts and controls.
- Experience in performing InfoSec compliance reviews/gap assessments.
- Prior experience facing or being part of internal/external audits related to ISMS or IT General controls (ITGC) tests.
- Understanding of structured and unstructured data types.
- Conceptual knowledge of data discovery, data retention, and data disposal lifecycle.
- Exposure to, or at least a conceptual knowledge of, cloud environment security and VA/PT.
WHAT YOU WILL DO AND HOW YOU WILL GROW
Responsibilities:
- Design and establish a new security framework for various operational processes, procedures, standards, and guidelines for the IT Governance Program.
- Prepare and maintain the firm's ISMS policy/procedure document.
- Facilitate and liaise with stakeholders to close all audit findings within time.
- Assist in the implementation/enforcement of the security policy/procedure across the firm.
- Provide and support the implementation of IT GRC initiatives globally.
- Drive infosec awareness program across the firm.
- Assist in security process automation initiatives.
- Undertake the annual Business Impact Assessment (BIA) exercise to ensure business continuity.
- Remain current with industry best practices and monitor the legal and regulatory environment.
- Coordinating with stakeholders at regional offices to ensure compliance and facilitate audits.
- Driving the remediation of control deficiencies.
- Report to the Global IT Head.
Minimum Requirements:
- A bachelor's degree in IT, cyber security, or a related field; a master's would be a plus.
- Minimum of 4 years of relevant experience in cyber security/GRC/information security/ISMS implementation.
- Knowledge of security-related technologies (e.g., IDAM, PAM, Patch Management tools, DLP, Antivirus, Firewall, etc.)
- CISA, CISSP, CISM, or any other certification related to ISMS/information security would be a plus.
- Strong understanding of IT Infrastructure, including Cloud and M365 environments.
- Strong written and verbal communication skills.
- Excellent interpersonal and relationship-building skills.
What we offer:
A highly collaborative and entrepreneurial organization that provides the platform to make an impact on day one.
A uniquely talented, diverse, passionate, and fun team.
A culture supportive of employee work/life balance.
Competitive benefits and career development opportunities.
JOIN OUR TEAM
We would love to see your resume, cover letter, and portfolio of relevant past work.
Please submit your application at our Career Centre by 11:59PM EST on 16th November 2024.
During the same recruitment period, please only apply to one position at Dalberg.
Dalberg values its people and recognizes the importance of balancing professional and personal demands. Qualified and interested candidates irrespective of age, gender, race, religion, background, or ethnic affiliation are encouraged to apply for the vacancy.
#J-18808-Ljbffr
