GRC Senior

The CLA (CliftonLarsonAllen) IT Governance, Risk & Compliance team is seeking a talented family member to contribute to our GRC services which is designed to minimize cybersecurity risks internally and with our third parties.

As a GRC Senior - Risk, and in conjunction with the Manager, GRC - Risk & the Director of IT Governance, Risk & Compliance, you will be a primary contributor to our efforts to grow CLA's risk management program, processes, and strategy. The ideal candidate will have experience in facilitating organizational change through utilization of various risk identification and mitigation strategies.

Job Requirements:

• Lead projects related to GRC services.
• Assist in managing the IT Risk Register.
• Contribute to the IT risk lifecycle process from identification, qualification, quantification, reporting and remediation.
• Collaborate with the risk working group and risk advisory team to develop corrective action plans and drive mitigation efforts.
• Apply various risk assessment strategies to identify risks and carry mitigation efforts to completion by successfully leveraging IT teams.
• Compile and quantify risks for reporting and communicate results in a meaningful way to program stakeholders.
• Document risks thoroughly and concisely to drive effective corrective action plans.
• In collaboration with IT teams, develop System Security Plans, Plans of Action and Milestones.
• Contribute to CLA IT's compliance and certification program as related to various security and privacy frameworks such as CMMC, NIST 800-171, CIS v8, HIPAA & SOC2.
• Translate cyber and privacy framework control language to technical requirements.
• Contribute to IT's external audit process, training internal IT stakeholders on best audit practices and coordinating third-party audits with external parties.
• Through effective collaborations with key stakeholders, ensure CLA is meeting our data protection commitments to our Family Members and our Clients.
• Provide application development and project management teams guidance on risk management best practices.
• Contribute to CLA IT's GRC governance and compliance functions.
• Contribute to the administration of GRC's toolbox and applications.
• Assist stakeholders in developing and maintaining CLA's business continuity and disaster recovery

Experience

• 4 years experience in information governance, electronic records management, data quality, data governance, data engineering, project management and/or information governance required

• 2 years of experience in project management or supervisory roles preferred

Education

Bachelor's degree or a combination of education and experience may be considered a degree equivalent

#LI-JH

Equal Opportunity Employer /AA Employer/Minorities/Women/Protected Veterans/Individuals with Disabilities.

Click here to learn about your hiring rights.

Wellness at CLA

To support our CLA family members, we focus on their physical, financial, social, and emotional well-being and offer comprehensive benefit options that include health, dental, vision, 401k and much more.

To view a complete list of benefits click here.