Senior Information Security GRC Specialist

Job Summary

A company is looking for a Senior Information Security Governance, Risk, and Compliance Specialist.

Key Responsibilities

• Lead testing and documentation of IT controls related to financial reporting and SOX
• Plan and manage technology-focused SOX compliance audits and risk assessments
• Support GRC activities including policy governance, compliance monitoring, and risk management

Required Qualifications

• Bachelor's degree in Management of Information Systems or related field; Associate's degree may be considered with relevant experience
• 5+ years of experience in IT SOX audit, preferably with a Big 4 or large regional public accounting firm
• Knowledge of information security frameworks and IT controls frameworks, such as ISO/IEC 27001 and NIST
• Relevant security certifications preferred (e.g., CISA, CIA, CISSP)
• Experience with implementing or using GRC tools