Evangelize a culture of security throughout Skillsoft through education, trust, and empathy
Develop and document governance processes, policies/standards
Develop ongoing audit/monitoring plans for the technology controls in place throughout our organization
Help with ongoing maintenance of information security policies
Develop risk assessment management processes and conduct risk assessments
Ensure the processes are aligned to the objectives and have oversight/review
Work with IT and Engineering teams to understand and assess the controls within their environments
Work with internal and external stakeholders on activities and responses related to FEDRAMP, ISO 27001, SOC 2 and other compliance programs
Perform security-related operations
Perform configuration and application technical vulnerability assessments.
Develop monitoring and detectives capabilities
Participate in incident response, including monitoring, triaging, and investigation of security events and incidents
Work with IT and Infrastructure teams on vulnerability and patch management
Perform security audits and assessments
Work with teams to remediate identified issues
Introduce standard methodologies and operational excellence in all areas of Security Compliance
Collaborate with People Operations and other teams to develop policies and procedures
Build relationships with organizational leaders and senior management
Work with stakeholders to align priorities, plan and track OKRs to ensure the success of critical projects
Work with CISO to establish goals, define governance strategies, objectives and metrics
Develop measurement frameworks and monitor progress, efficiency, and results
SKILLS QUALIFICATIONS:
Minimum of 5 years of professional experience in information security
Proven track record in security operations
Experience with GRC tools i.e ZenGRC, ServiceNow, SAP GRC etc
Proven experience in developing and leading Governance, Risk Compliance (GRC) programs with efficient process design and optimization, project management
Understanding of requirements and ability to evaluate risks, understand control and develop governance processes to support the company. Work with stakeholders on complex issues and develop consensus, raise awareness, and provide and implement solutions
Strong communication, organization, and interpersonal skills
Experience coordinating 3rd party/ vendor risk management or other security processes
Experience developing governance structures and processes