GRC Specialist

Around the globe, we help cities and industries manage, optimize and make the most of their resources. We provide an array of solutions related to water, energy and materials to promote a cleaner more sustainable world for all of us.

The collective expertise and passion of our people, combined with a broad portfolio of over 10,000 technologies, makes us uniquely positioned to deliver solutions that positively impact the environment. Come be part of something special - start your journey today! 

WHAT YOU WILL BE DOING
The GRC Specialist leads the development and implementation of processes and solutions for assessing risk and managing complex regulatory and industry standard requirements across diverse business and technology landscape. The position requires a highly skilled technical and information security expertise for development and implementation of the information security risk management program. Responsibilities require leadership and project management experience, as well as expertise to ensure effective system-wide security analysis; standards and testing; risk assessment; awareness and education; and development of policies, standards and
guidelines.

Responsibilities

• Contribute to the implementation and continuous improvement of security
• GRC processes such as Policy Management, Information Risk Management, Compliance Management, etc
• Support, configure, test, implement, and maintain the GRC processes in the applicable GRC product, working closely with the business, IT, Security and3rd party development/implementation partners.
• Operationalize and manage the awareness and adoption of GRC processes.
• Track remediation and/or audit activities and relevant metrics to communicate status, demonstrate progress and build awareness of GRC processes.
•  Facilitate internal and external audits.
• Support the companys  privacy efforts by ensuring risk assessments, vendor reviews, and applicable controls are implemented.
•  Ensure policies, standards, and procedures are updated and communicated on an annual basis.
• Cultivate relationships with security, IT, legal, risk, and business stakeholders to strengthen security governance and risk management

Qualifications

•  Experienced. 7+ years in the information technology field with 4+ years of combined risk management, risk consulting, GRC product implementation and /or security work experience.
• Educated. B.S. degree or equivalent work experience in security, risk management, compliance, information systems or other relevant fields.
• Cybersecurity certifications preferred. (CRISC, CGEIT,CISSP or equivalent.)
• Knowledgeable. Knowledge of qualitative and quantitative risk management approaches and processes, including proven implementation experience.
• Knowledge of and experience applying security, risk and control frameworks such as NIST, COBIT, and ISO. Knowledge of security practices and controls applied to address security risks Technically Savvy. Experience with General IT concepts and technologies.
• Able to learn GRC technologies and quickly apply their application to everyday work processes.
• Self-driven, organized and high level of integrity, ownership and trust.
• Strong Communicator. Ability to effectively interact with internal and external customers, managers, and staff.
• Detail oriented. Superior written and verbal communication and attention to detail.

We offer competitive compensation and benefits working in a dynamic environment with challenging projects and training provided to ensure your success.

We realize diverse teams make smarter decisions, deliver better results, and build stronger communities. We’re an organization that champions diversity and inclusion at every level and are proud to be an equal opportunity workplace!

All your information will be kept confidential according to EEO guidelines.

As an inclusive company, Veolia is committed to diversity and gives equal consideration to all applications, without discrimination.