Compliance Specialist supporting various Compliance initiatives and ensuring regulatory adherence in healthcare. Reporting to the Compliance Manager and collaborating with internal departments on compliance - related projects.
SG
Hybrid GRC Senior Manager – Vice President
Posted 3 months ago
About the role
- Cyber Governance, Risk and Compliance professional at SMBC with 7+ years in Cybersecurity and IT Audit. Leading coordination of audits and compliance activities while enhancing risk management practices.
Responsibilities
- Lead role for a portfolio of assignments;
- Lead the successful coordination of various assessments or assessment activities on behalf of Cybersecurity. These assessments may include, but are not limited to: Internal Audits, External Audits, Compliance Reviews, as well as US State, US Federal, and other Region-specific Regulatory Exams;
- Familiarity with controls testing program delivery, including conducting walkthroughs, and supporting design and operating effectiveness testing.
- Enhance coordination efforts each year ensuring inefficiencies identified in previous years are actively addressed and improved.
- Direct & provide guidance to other members of the ARM team in the performance of their tasks.
- Collaborate closely with key stakeholders across the 2LoD (Operational Risk) and 3LoD (Internal Audit) as they undertake assessment / audits over Information Security controls;
- Communicate effectively and timely with auditors where necessary to affirm their understanding of controls in place to ensure the audit testing approach is effective and their requests are appropriate and clear.
- Able to confidently & clearly articulate to auditors / stakeholders controls in place and identification of compensating controls;
- In turn be able to clearly explain the request to Evidence Providers or Control Owners outlining the risks controls being tested assisting them where necessary to ensure the correct artefact is provided (Please note this is NOT an auditor role – The Cyber Governance, Risk and Compliance Manager will serve as the liaison with the Assessors)
- Collaborate with stakeholders to identify continuous improvement opportunities in Controls, Processes and Procedures.
- Assist ARM Leadership to strategically manage and develop the ARM program.
- Engage with auditors at early stage in preliminary findings to ensure completeness and accuracy of understanding
- Responsible for reviewing preliminary findings for plausibility engaging with Control Owners, Senior Management & Relevant Subject Matters Experts as applicable;
- Working with Service Providers Control Owners draft formal management responses to findings for Information Security management review with the expectation of minimal management oversight required;
- Manage and track audit issues to closure providing periodic status updates to Information Security Management
- Strong understanding of Governance, Risk and Compliance (GRC) practices to support Information Security’s adherence to authoritative frameworks (FFIEC, COBIT, NIST, ISO etc.) and U.S. regulatory expectations.
- Understanding of Information Security controls and associated risks.
Requirements
- 7 plus years experience in Cybersecurity / IT Audit (Big-4 experience or related financial services industry experience preferable) and/or Cybersecurity Risk (with active CISA and/or CRISC certification a plus) or other risk management and audit roles
- 7 plus years of experience working with common risk management frameworks, including RCSAs, control testing programs and maturity assessments
- Experience working with Cybersecurity teams to strengthen their adherence to organizationally defined Cybersecurity controls.
- Experience executing control testing, reporting, and tracking control remediation
- Strong verbal and written communication skills.
- Ability to demonstrate a self-motivated and disciplined approach to learning and working.
- Ability to work in a team environment and demonstrate leadership skills when needed.
- Possess a highly developed sense of personal accountability and follow-through with an ability to effectively prioritize multiple personal tasks, projects, and goals.
Benefits
- SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Air Compliance Manager developing safety programs and conducting risk assessments at a global logistics leader. Ensuring compliance with regulations and maintaining staff certifications.
Senior Consultant in Cybersecurity advising clients on EU cyber and digital compliance requirements. Collaborating with a team of experts to implement regulatory frameworks and solutions.
Senior Manager of Medicare Compliance at CVS Health overseeing Medicare compliance initiatives and operations. Leading oversight of delegated functions and engaging with internal stakeholders for compliance control.
Governance Risk & Compliance Manager overseeing GDPR compliance and managing a cross - functional team. Driving GRC projects and policies in a tech company focused on data and technology.
Compliance Manager overseeing JCI’s anti - corruption program in India. Collaborating with regional compliance and legal teams to resolve compliance issues and train personnel.
Senior Director of Regulatory Affairs at Biogen responsible for global regulatory strategy across biopharmaceutical products. Providing leadership in regulatory submissions and interactions with health authorities.
Risk & Compliance Manager ensuring compliance for the world's largest financial analysis platform, overseeing regulations and internal policies while leading risk assessments.
Managing Director leading teams on transformation delivery within PwC’s Risk and Compliance sector. Driving thought leadership and project success across large client transformation programs.
Regulatory Affairs Business Partner in a growing pharmaceutical company responsible for registration procedures in the EU. Preparing documentation and collaborating with various teams for compliance and regulatory strategy.