Join arenaflex, a leading innovator in the field of cybersecurity, as a highly skilled and experienced Full Stack Cybersecurity Specialist – Governance, Risk, and Compliance (GRC) Expert. As a key member of our Cybersecurity Team, you will play a critical role in guiding GRC-related activities, ensuring the effective execution of various tasks, and contributing to the development of cutting-edge cybersecurity solutions.
**About arenaflex**
arenaflex is a dynamic and forward-thinking organization that is revolutionizing the way we approach cybersecurity. With a strong focus on innovation, collaboration, and customer satisfaction, we are committed to delivering exceptional results and exceeding our clients' expectations. Our team of experts is passionate about staying ahead of the curve, and we are constantly seeking talented individuals who share our vision and values.
**Job Summary**
As a Full Stack Cybersecurity Specialist – GRC Expert, you will be responsible for assisting the arenaflex Cybersecurity Team in managing the internal safety compliance requirements and implementation of regulations, tactics, and frameworks. You will work closely with stakeholders to ensure the effective execution of various tasks, including third-party risk management, due diligence, and compliance monitoring. Your expertise will be instrumental in helping arenaflex maintain its position as a leader in the cybersecurity industry.
**Key Responsibilities**
* Assist the arenaflex Cybersecurity Team in managing the internal safety compliance requirements and implementation of regulations, tactics, and frameworks.
* Validate incoming third-party risk assessment requests, working with business stakeholders to confirm the details of the request and the scope of the engagement.
* Coordinate the distribution of due diligence questionnaires to internal stakeholders/third parties, review submitted questionnaires for completeness, and identify risks arising from the current design and operational effectiveness of internal/third-party security controls.
* File responses, associated findings, and remediation plans in the arenaflex systems.
* Draft/review reviews for the checks performed and ensure respective business stakeholders finalize reviews.
* Serve as a strong liaison to ensure any queries are responded to concerning the risk control technique and evaluation to the business or third parties as required.
* Conduct continuous tracking of third-party events via arenaflex systems for current/new findings and report any findings to closure.
* Identify opportunities for improvement within the arenaflex systems and strategies.
* Work intensely with Chance Lead/Supervisor to timetable and execute a range of different supporting activities related to the risk management program.
**Governance, Threat, and Compliance**
* Lead and assist the improvement of cybersecurity risk and compliance-related strategies to ensure treatment of cybersecurity risk consistent with the arenaflex threat appetite.
* Maintain and document compliance towards information security-related guidelines and processes through planning, checking out, remediating, tracking, and reporting on manipulate critiques and threat checks.
* Lead development and shipping of compliance and danger education and ongoing communications that assist power tradition of protection and compliance.
* Retaining abreast of regulatory changes, new guidelines, technology, and internal policy modifications to further pick out new key risk areas.
* Lead the team to preserve and guide ISO 27001 certification.
**Competencies & Attributes for Fulfillment**
* Understanding and competencies in GRC-related activities, including third-party risk management, due diligence, and compliance monitoring.
* Outstanding stakeholder management.
* Working understanding of information security-related quality practices and requirements, including ISO 2700x, SOC 2 requirements, SSAE 16/18 requirements, and others.
* Experience in the control of risk, controls, and compliance.
* Expertise of risk evaluation methodologies – qualitative/quantitative.
* Super analytical and problem-solving abilities.
* Super presentation making and delivery abilities.
**Personal Attributes**
* Robust interpersonal abilities.
* Ability to navigate rapid-paced environments and be flexible with working hours.
* Fantastic communication abilities, both verbal and written.
* Adapt quickly to converting conditions and power high-quality change.
**Preferred Training & Experience**
* Applicable Bachelor's/Master's degree from an accredited university or equivalent experience.
* 4 years of experience throughout third-party risk control, records security, and audit & compliance tracking (minimum of 2-3 years in TPRM/internal audit).
* Preferred experience with a large company and/or large four accounting company.
* One or greater credentials – CISA, CRISC, ISO27001 L./LI, CISSP.
* Experience in AI/ML is a plus.
**What We Offer**
* Competitive salary of $80,000 per year.
* Opportunity to work with a dynamic and forward-thinking organization.
* Collaborative and supportive work environment.
* Professional development and growth opportunities.
* Comprehensive benefits package, including health insurance, retirement plan, and paid time off.
**How to Apply**
If you are a motivated and experienced cybersecurity professional looking for a new challenge, please submit your application, including your resume and a cover letter, to [insert contact information]. We look forward to hearing from you!
**Note:** arenaflex is an equal opportunity employer and welcomes applications from diverse candidates. We are committed to creating an inclusive and respectful work environment that values diversity, equity, and inclusion.