GRC Consultant (AU Tech Services, WFH)
Philippines - Remote
Salary: P180,000 - P220,000 (Monthly Package)
Schedule: Monday to Friday (07:00 AM to 04:00 PM Manila Time)
What are we looking for?
Skills Required:
- Cyber Security
- Risk Management
- IT Compliance
- HIPAA
Nice to Have:
- Cyber Security Certification is a plus but not required
What will you do?
Strategy Development and Implementation
- Develop and implement tailored GRC strategies, frameworks, and roadmaps based on industry best practices, including NIST CSF 2.0, and organizational needs.
- Align governance, risk management, and compliance efforts with strategic business goals and evolving regulatory requirements.
- Provide expert guidance on integrating NIST CSF 2.0 into governance, risk, and compliance initiatives to enhance cybersecurity resilience.
- Act as a strategic advisor to leadership on embedding GRC practices into core business functions.
Risk Assessment and Management
- Conduct detailed risk assessments aligned with NIST CSF 2.0 to identify cybersecurity threats, vulnerabilities, and compliance gaps.
- Develop, implement, and monitor risk mitigation strategies based on the Identify, Protect, Detect, Respond, and Recover pillars of NIST CSF 2.0.
- Maintain and regularly update the risk register, ensuring all identified risks are documented and effectively managed.
Regulatory Compliance
- Interpret and implement relevant regulations, standards, and frameworks, such as ISO 27001, GDPR, NIST CSF 2.0, HIPAA, and PCI DSS.
- Support organizations in preparing for compliance audits and certification processes.
- Continuously monitor regulatory changes and their impact on organizational policies and practices, providing actionable recommendations.
Policy Development and Enforcement
- Develop, review, and implement security and compliance policies aligned with NIST CSF 2.0 and other applicable standards.
- Promote adherence to established policies through regular audits, training, and monitoring programs.
- Enhance cybersecurity governance by enforcing consistent compliance with NIST CSF 2.0 controls.
Auditing, Monitoring, and Reporting
- Conduct regular audits to ensure compliance with internal policies, external regulations, and NIST CSF 2.0 guidelines.
- Generate detailed reports for stakeholders, including actionable insights to improve governance, risk management, and compliance posture.
- Design and track key performance indicators (KPIs) to measure the effectiveness of GRC initiatives and alignment with NIST CSF 2.0.
Training and Awareness
- Develop and deliver training programs to enhance awareness of NIST CSF 2.0, GRC practices, and cybersecurity resilience.
- Facilitate workshops on emerging risks, compliance updates, and industry best practices.
- Collaborate with teams to ensure organization-wide understanding and application of NIST CSF 2.0 principles.
Technology and Tools
- Evaluate and implement GRC tools and technologies that support NIST CSF 2.0 adoption, compliance automation, and risk management.
- Provide guidance on integrating GRC software, such as SAP GRC, RSA Archer, or ServiceNow, into existing systems.
Join the awesome team and enjoy these benefits & perks:
- WFH
- Paid Vacation and Sick Leave (with Quarterly Sick Leave Conversion)
- Competitive salary package and annual appraisal
- Financial Assistance Program
- Mandatory Government Benefits and 13th Month Pay
- Regular Company Events, Work Life Balance, and Career growth opportunities
JOIN CONNECTOS NOW!
ConnectOS is certified as a Great Place to Work and is a top-rated Philippines employer of choice.
Our Australian client helps organizations make data-driven technology portfolio decisions through Enterprise Architecture, Business Analysis, Project Management, AI & Cloud solutions, and Cyber Security. They focus on the synergy between human and AI to deliver personalized AI solutions that enhance and transform business processes.
#ConnectOSCareers #JoinConnectOS
Equal Employment Statement
Employment decisions at ConnectOS will be conducted without consideration of factors such as age, race, color, religion, gender, disability status, sexual orientation, gender identity or expression, genetic information, and marital status. ConnectOS ensures the full confidentiality of the data it processes.