AlpharettaRecruiter Since 2001
the smart solution for Alpharetta jobs

Risk & Compliance Manager

Company: HERE
Location: Alpharetta
Posted on: June 6, 2021

Job Description:

What's the role?

The Governance, Risk & Assurance, and Compliance (GRAC) team is a globally distributed team of security and privacy professionals working together to secure the world's preeminent open location data ecosystem and platform. A key enabler of our product and services within the Information Security space is a strong governance practice. You will be working directly with different members of Information Security, Information Technology, and development teams to ensure that HERE is maturing its security practices. Some examples include implementing security and IT best practices, managing its risk and control frameworks, leveraging industry leading practice GRC tools, and enhancing security and IT processes and documentation.

The Risk & Compliance Manager will work closely with members across the GRAC team and throughout the information security practice to establish, maintain, and improve our governance practice, with a specific focus on enablement of GRAC activities through the use of an enterprise GRC solution and the deployment of a common control framework. As a senior governance analyst at HERE, you will work with 3rd party assurance to ensure that not only are we adhering to best practices internally, but also ensuring our suppliers are adhering to those same best practices. You will be working with internationally distributed teams, developing a true process, risk, and control framework, automating the performance of compliance audits to scale enterprise efforts, and enhancing company-wide guidance through the creation and maintenance of enterprise documentation.

This is an opportunity to join a quickly maturing and expanding team within the world's leading location services company. You will have the ability to make direct contributions that will enable our governance function to expand and mature. As a part of this, there will be ample opportunity to present to senior leadership and lead initiatives with high leadership visibility.

Main Responsibilities:

  • Manage modifications, updates, and continuous maintenance to HERE's GRC tooling
  • Deploy and operationalize current GRC tooling modules in production that enable and streamline HERE's risk management and compliance programs
  • Author and improve enterprise-wide security documentation and define enterprise documentation architecture
  • Build and deploy process, risk, and control framework(s) across the information technology and security organizations, including the use of a common control framework
  • Develop audit plans, audit methodologies, and templates for security portions of supplier audits
  • Develop audit methodologies and audit plans for information security, IT, and privacy audits of suppliers
  • Assist in the performance of supplier due diligence as well as supplier assurance efforts
  • Provide direct support to customers and respond to customer questionnaires regarding HERE information security and IT practices
  • Travel domestically and internationally up to 10%

Who are you?

Having had success supporting and leading various projects in the GRC space, you are someone with experience enabling and leading complex technology projects with disparate business groups across matrixed organizations.

Position Requirements:

  • Knowledge of standard information security standards, regulations, and industry best practices
  • Excellent ability to communicate information security and information technology practices orally and in writing to both subject matter experts and end-users
  • Experience in implementation of process, risk, and controls
  • Extremely strong organizational skills and ability to manage multiple projects concurrently
  • Strong skills in Microsoft Office suite
  • Experience with GRC tooling such as SNOW GRC, RSA Archer, SAP GRC

  • Ability to work in a fast-paced and dynamic global team
  • Willingness to learn and grow, continually improving communication, process, and technical skills
  • Self-motivation with the ability to work independently as a team member with guided direction
  • Bachelor's degree, preferably with a focus on information security or information technology

Preferred Skills:

  • Experience in IT/Information Security assurance or advisory
  • Professional security certifications such as CGEIT, CISSP, CISA, CRISC
  • Knowledge of relevant information security standards e.g. ISO 27001, SOC II, etc. is preferred
  • Ability to work in an agile environment

HERE is an equal opportunity employer. We evaluate applicants without regard to race, color, age, gender identity, sexual orientation, marital status, parental status, religion, sex, national origin, disability, veteran status, and other legally protected characteristics.


Who are we?

Ever checked in somewhere on social media? Ever tracked your online orders?" You might be using HERE Technologies every single day without even realizing it. You can find us everywhere: in vehicles, smartphones, drones or third-party apps. We believe that with the right people, we will continue to be a game-changer in the technology industry and improve the daily lives of people around the world. Find out more by clicking the video below or going HERE.

HERE is an equal opportunity employer. We evaluate applicants without regard to race, color, age, gender identity, sexual orientation, marital status, parental status, religion, sex, national origin, disability, veteran status, and other legally protected characteristics.

Keywords: HERE, Alpharetta , Risk & Compliance Manager, Other , Alpharetta, Georgia

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Georgia jobs by following @recnetGA on Twitter!

Alpharetta RSS job feeds