Senior GRC Advisor

POSITION SUMMARY

The Senior GRC Advisor will conduct audit and advisory engagements and collaborate with management to identify appropriate mitigation strategies and corrective actions. Additionally, the Senior GRC Advisor will assist GRC management to facilitate risk assessments and consulting with management on risk, control, and compliance matters. The Senior GRC Advisor will assist with investigating and resolving compliance inquiries, incidents, and other matters as needed.

Essential Functions

• Conducts audit and advisory engagements to evaluate the high-risk areas, to determine the adequacy of policies, procedures and controls and, where appropriate, assess alignment with industry best practices and control frameworks, such as the Committee of the Sponsoring Organizations of the Treadway's Commission (COSO) and Control Objective for Information and related Technology (COBIT) and other relevant authoritative bodies.
• Provides support and/ or co-facilitates risk assessments (information technology, strategic, operational, financial, compliance, etc.) and other risk management activities as assigned.
• Provides recommendations to management for improvement of overall control environment.
• Collaborates with management to strengthen internal controls and/or develop corrective action plans to remediate risks.
• Assists GRC management to develop and facilitate workforce education and awareness training programs relevant to CCNC's internal control environment, risk management, and compliance responsibilities.
• Consults on projects and key initiatives providing risk management expertise to ensure risks are identified, assessed, and mitigated to an acceptable level.
• Adheres to GRC standards, policies, and procedures designed to strengthen CCNC's internal control environment, risk management, and compliance posture.
• Performs Privacy support responsibilities, such as monitoring and responding to potential privacy incidents, educate workforce on HIPAA compliance, and regularly collaborate with Privacy Officer to share best practices.
• Fulfill other GRC responsibilities as directed by management.

Qualifications

• Bachelor's degree in a financial, audit, or technology, related field
• Minimum 5-years' experience in auditing, risk management, and/or compliance
• Certified Public Accountant (CPA) and/or Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) required.

Knowledge, Skills, and Abilities

• Effective verbal and written communication
• Excellent presentation skills
• Interpersonal (listening, facilitating, interviewing) skills
• Excellent analytical, project management, and consulting skills
• At least 3 years' experience leading, planning, conducting, and overseeing complex audit and advisory engagements
• Experience conducting risk-based financial, operational, and/or information technology audits

Working Conditions

• This is a remote position, must be able to work independently with minimal supervision and meet tight deadlines.
• Must be able to utilize office equipment, computer, keyboard and phone with or without assistive devices
• Repetitive wrist motion and occasional lifting/carrying of up to 25 pounds