GRC Specialist - Customer Trust

About HireRight

HireRight is the premier global background screening and workforce solutions provider. We bring clarity and confidence to vetting and hiring decisions through integrated, tailored solutions, driving a higher standard of accuracy in everything we do. Combining in-house talent, personalized services, and proprietary technology, we ensure the best candidate experience possible. PBSA accredited and based in Nashville, TN, we offer expertise from our regional centers across 200 countries and territories in The Americas, Europe, Asia, and the Middle East. Our commitment to get it right every time, everywhere, makes us the trusted partner of businesses and organizations worldwide.

Overview

This role reports to the Information Security, GRC Manager focusing on Customer Trust and will assist in the management of all aspects of corporate information security/ cybersecurity compliance, risk management, third-party vendor management, and operational monitoring, particularly as they relate to Customer Trust. The goal is to ensure that the organization's Information Security policies and procedures are implemented and well documented in customer-facing assessments and communications, and that compliance issues are identified and remediation plans formalized in a timely fashion. Additionally, specialists may perform internal reviews from time to time and report risks/ risk management strategies to avoid non-compliance if issues should arise.

Responsibilities

• Independently evaluate and analyze issues or recommendations for improvements in processes to mitigate risks and bring programs and operations into compliance with the goals and objectives of the Corporate Compliance Program and communicate results to management and other key stakeholders.
• Take a lead role in completing customer facing risk assessments, internal project security reviews, coordination of corrective action activities, and communication of assessment results.
• Serve as company representative with clients and partners, responding to security questionnaires and managing audits using established SOPs
• Continually review and improve customer-facing assessment/audit processes and procedures.
• Assist in developing and administering on-going IT compliance monitoring and governance activities.
• Advise internal business counterparts on the effectiveness of corrective action plans in the event of non-compliance or detected vulnerabilities.
• Contribute to various project requests from functional teams to increase operational efficiency, strengthen security/IT environment, and help meet the company's internal and external regulatory/compliance requirements.
• Perform ad-hoc compliance requests or additional duties as assigned
  
  
  

Qualifications

Education:

BS, BA in Information Technology, Computer Science or other related

Business/Technology/Analytical studies

Security , CISA, CISM, ISO 27001 Lead Auditor, or similar certification a plus

Experience:

• 2-3 years experience supporting information security customer trust functions including responding to customer security questionnaires, coordinating customer audits, supporting internal customer-facing functions, and managing internal security knowledge resources.
• Extensive information security regulatory compliance experience or knowledge: ISO 27001, PCI DSS, SOC 2, EI3PA, SOC 2 Type II, or similar
• Experience interpreting industry and regulatory requirements and authoring supporting controls.
• Experience performing third-party assurance assessments; AuditBoard, CyberGRX and/or SIG experience a plus
• Excellent client relationship and customer service skills, with a clear client focus.
• Strong project management skills; Jira experience a plus.
• High degree of independence and exceptional work ethic with a team player attitude and a solution-oriented mindset
• Familiarity with core IT and Information Security Technologies
• Exceptional interpersonal, written and oral communication skills. Note: nearly all customer facing interactions require English language proficiency.
  
  
  

What Do We Offer

In exchange for your expertise, HireRight offers an excellent employee benefit package which includes:

• Medical
• Dental
• Vision
• Paid Life/AD&D Insurance
• Voluntary Life Insurance
• Short & Long Term Disability
• Flexible Spending Accounts
• 401K
• Generous Paid Time Off Program
• 10 Paid Holidays
• Education Assistance Program
• Business Casual Attire
• Generous Referral Program
• Employee Discounts and Rewards
• And much more!
• All resumes are held in confidence. Only candidates whose profiles closely match requirements will be contacted during this search.
  
  
  

HireRight, LLC is an Equal Opportunity Employer

Minorities / Females / Veterans / Disabilities

HireRight does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of HireRight and HireRight will not be obligated to pay a placement fee