Job Description
Responsibilities
- Manage the cybersecurity regulatory compliance program by assessing requirements, collecting evidence, and maintaining documentation
- Monitor regulatory, privacy, and cybersecurity best practice changes and apply GRC expertise across products, practices, and procedures
- Liaise with internal and external auditors to implement and maintain compliance and data protection controls
- Manage cybersecurity examinations from internal control functions (2LoD, 3LoD) and external audits
- Track audit findings and regulatory recommendations
- Collect and automate metrics and reporting to demonstrate risk reduction
- Improve and industrialize operating models (evidence collection, reporting, documentation, and repeatable processes)
- Challenge and enhance existing practices related to regulatory exams, findings management, reporting, and control assessments
- Perform security risk assessments us...