Other Desired Qualifications

  • Positive outlook on life.

  • MUST have a sense of humor.

  • Looking to make a difference in the world.

  • Enjoy a challenging work environment with great opportunities for professional growth.

  • Be willing and able to assist with a variety of other duties that may arise.

GRC Director

USA
Contracted to Full Time

About the Role


The Director of Information Security, Governance, Risk and Compliance (GRC) is a key team member supporting the Security GRC program. The role will interface directly with customers, vendors, partners and internal/external stakeholders. The Director of Information Security, GRC will apply best practices to support applicable regulatory, policy, standards, and legal requirements. This role requires a keen understanding of key business assets and processes, unique business requirements, and the information security program, and the ability to combine this information to address residual risks.


Responsibilities


  • Develop and maintain a global security risk assessment program

  • Oversee compliance with global information security policies and standards

  • Manage global security risk assessment and processing of exceptions to standard baselines or Aristocrat policy

  • Proactively identify information security deficiencies or opportunities for improvement to better enable business security at the global level

  • Provide regular reporting on the information security risk status

  • Respond to third party inquiries relating to security policies and controls

  • Support various GRC efforts such as third party due diligence, security awareness and data loss prevention


Requirements


  • Bachelor’s degree in Information Systems, Cybersecurity, or a related field.

  • Relevant experience in security governance, security compliance and risk management would be ideal.

  • Familiarity with security industry standards including NIST CSF, NIST 800-53, ISO 27001 and PCI DSS, and previous experience working with one of these frameworks.

  • Security certification such as CISSP, CRISC, CISM, CISA or GIAC beneficial.

  • Familiarity with GRC tools and 3rd party risk assessment tools

  • Comfortable interfacing with internal or external organizations

  • IT Audit, internal Audit and/or risk advisory experience is a plus.

  • Comfort working with ambiguity is a must.

  • Self-motivated and willing to take on challenges while adapting to an ever-changing operational environment.

  • Excellent analytical and problem-solving skills.

  • Excellent collaboration skills – must be eager to work as part of a cohesive team and work as a partner to other teams, locally and globally.

  • Exceptional communication skills, including the ability to gather relevant data and information, actively listen, dialogue freely, verbalize ideas effectively, negotiate tense situations successfully, and manage and resolve conflict.

  • Proven presentation and facilitation skills.

  • Must excel working in team-oriented roles that rely on ability to collaborate with others.