Pune
20 hours ago
GRC Consultant

· Compliance Management: Monitoring regulatory changes and assessing their impact on the organization's operations. Developing and enforcing policies and procedures to ensure compliance with relevant laws, regulations, and industry standards. Conducting regular audits to identify potential compliance risks and offering guidance to resolve them.

· Risk Management: Assessing and analyzing the organization's risk exposure and developing risk mitigation strategies. Identifying and evaluating the potential risks associated with business processes, systems, and operations. Collaborating with internal stakeholders to establish risk mitigation plans and monitoring progress to ensure compliance.

· Governance: Assisting in the development of corporate governance structures and frameworks that promote transparency, accountability, and ethical behavior. Supporting the governance team in implementing best practices and ensuring the organization's adherence to internal policies and guidelines. Participating in governance committee meetings to provide insights on risk and compliance matters.

· Training and Awareness: Developing and delivering training programs to ensure employees are aware of compliance requirements and understand their roles in maintaining a compliant environment. Creating and disseminating educational materials, including newsletters, presentations, and manuals, to promote a culture of compliance and risk-awareness throughout the organization.

· Technology and Automation: Assisting in the implementation and management of GRC software tools and technologies to streamline processes and enhance efficiency. Collaborating with IT teams to ensure data integrity and security within GRC systems. Keeping up to date with emerging technologies and industry trends to identify opportunities for continuous improvement.

· Reporting and Documentation: Creating and maintaining accurate records of compliance activities, including policies, procedures, guidelines, and audit findings. Preparing reports and presentations for management and regulatory bodies to demonstrate compliance status and highlight any areas of concern. Collaborating with internal and external auditors during audits or inspections.

· Stakeholder Engagement: Collaborating with various departments and stakeholders, including legal, finance, operations, and HR, to ensure alignment in risk, compliance, and governance efforts. Building strong relationships with regulators, industry associations, and other external parties to stay informed about regulatory changes and industry best practices.

 

Certifications Required

ISO 27001 Lead Implementor, ISO 27001 Lead Auditor, ISO 31000 Risk Management, CRISC, CISA

Additional Skills

Proficiency in HIPAA and PCI DSS assessments
