GRC Lead

Infosys is seeking a GRC Lead. This role requires technical proficiency across in the consulting team player in the consulting team that helps design and implement the security policies, compliance framework and will be responsible for managing the enterprise-wide Risk Register. This candidate will strategically address risk and policy governance requirements in line with business outcomes. Leverage cyber security and IT risk management expertise to drive risk reduction and maintain up-to-date, comprehensive risk policies aligned with industry standards and regulations.

Required Qualification

• Candidate must be located within commuting distance of Richardson, TX or be willing to relocate to these areas. This position may require travel in the US.
• Bachelor's degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education.
• At Least 4 years of experience in Information Technology.
• At least 3 years of years of experience in Cyber security space, at least lead the risk management programme as a GRC practitioner and have administrative knowledge of CyberGRX Third party Risk management tool.
• Manage and maintain enterprise-wise Risk register
• Responsible for Governance through owning and managing risk policies, standards and guidelines. Including conducting regular reviews with the internal stakeholders and update to address emerging risks and regulatory changes.
• Perform Capability Maturity Model (CMM) self-assessments quarterly and update the CMM score on the master template.
• All applicants authorized to work in the United States are encouraged to apply.

Want more jobs like this?

Get jobs in Richardson, TX delivered to your inbox every week.

Get Jobs

Send me The Muse newsletters for the best in career advice and job search tips.

By signing up, you agree to our Terms of Service & Privacy Policy.

• Drive and support Risk Register automation efforts
• Manage and execute the IT/OT Cybersecurity Policies and Procedures development and refresh
• Govern the Third-Party Risk Management program
• Manage and report on Management Action Plans (MAP)
• Publish and manage changes of NIST 800-53 knowledge base articles.
• Security qualifications ie., CISSP,CISA,CISM
• Experience with a variety of compliance frameworks, such as NIST Cybersecurity framework, ISO 27001, ISO27002 and SOC2.
• Solid understanding of regulations, industry standards, and leading practices related to the security of IT infrastructure and cloud as well as data security and privacy.
• Excellent communication and collaboration skills to engage with global strategic programs and the business function leaders to drive the security objective.
• Working knowledge of NIST 800-53
• Working knowledge of ISA/IEC 62443 framework
• Experience and desire to work in a Global delivery environment