Grc Commercial Lead Irc267244

Description Join GlobalLogic to be a valid part of the team working on a huge software project for the world-class company providing M2M IoT 4G 5G modules e g to the automotive healthcare and logistics industries Through our engagement we contribute to our customer in developing the end-user modules firmware implementing new features maintaining compatibility with the newest telecommunication and industry standards as well as performing analysis and estimations of the customer requirements Requirements Good to have knowledge in ISO 22301 Experience in Creating Business Contuity Disaster Recovery Policy and Standard Documents Experience in Creating Business Impact Analysis Template and working experince in collecting and analyzing the data Experience in defining RTO and RPO Experience in managing various BCP and or DR drills tests Passionate to perform internal audits Job responsibilities Internal Audit Develop an annual audit plan based on a thorough risk assessment and in alignment with organizational goals and regulatory requirements Lead and coordinate internal audit engagements to evaluate the effectiveness of GRC controls policies and procedures around ISO 27001 27701 NIST800-53 PCI DSS SOC2 IRAP Conduct audits across various departments and functions to assess compliance with company policies industry standards and regulatory requirements Identify and assess key risks related to governance risk management and compliance Collaborate with stakeholders to develop risk mitigation strategies and action plans Monitor and report on the implementation of risk mitigation initiatives to ensure effectiveness Ensure compliance with relevant laws regulations standards and internal policies Focus on SOC2 ISO 27001 ISO 27701 PCI DSS HIPAA NIST and IRAP Stay abreast of regulatory changes and industry trends to update audit procedures and compliance programs accordingly Provide guidance and support to business units on compliance-related matters Prepare clear and concise audit reports detailing findings recommendations and corrective actions Present audit findings and recommendations to senior management and audit committee members Facilitate discussions with stakeholders to address audit findings and promote continuous improvement in GRC practices Supervise and mentor audit team members providing guidance and professional development opportunities Foster a culture of integrity accountability and continuous learning within the audit team Conduct performance evaluations and provide constructive feedback to team members PCI DSS Conduct thorough assessments and audits of systems processes and controls to evaluate compliance with PCI DSS Payment Card Industry Data Security Standard requirements Identify gaps vulnerabilities and areas of non-compliance and provide recommendations for remediation Prepare detailed assessment reports documenting findings observations and recommendations for improving PCI DSS compliance Communicate assessment results to clients including technical and non-technical stakeholders in a clear and understandable manner Provide expert guidance and advisory services to clients on PCI DSS requirements controls and best practices Assist clients in developing and implementing remediation plans to address identified compliance deficiencies Assess and evaluate risks associated with payment card data processing and storage within client environments Recommend risk mitigation strategies and controls to enhance security posture and compliance with PCI DSS standards Collaborate effectively with clients internal teams and external auditors to facilitate the PCI DSS assessment process Serve as a trusted advisor and subject matter expert on PCI DSS compliance matters ISO 27001 Lead the implementation of the ISO 27001 27701 standard across the organization including scoping planning and executing ISMS initiatives Develop and maintain project plans timelines and deliverables to ensure successful implementation of ISO 27001 27701 requirements Conduct comprehensive risk assessments to identify information security risks and vulnerabilities Develop risk treatment plans and controls to mitigate identified risks in alignment with ISO 27001 27701 guidelines Develop review and update information security policies procedures and guidelines to comply with ISO 27001 27701 standards Ensure policies and procedures are communicated effectively to all employees and stakeholders Develop and deliver training programs on information security policies procedures and best practices for employees and stakeholders Promote awareness of information security requirements and responsibilities throughout the organization Plan and conduct internal audits of the ISMS to assess compliance with ISO 27001 27701 standards and organizational policies Monitor and track corrective and preventive actions CAPAs to address audit findings and improve ISMS effectiveness Maintain documentation of ISMS activities including risk assessments policies procedures audit reports and records of compliance activities Prepare regular reports and presentations for senior management on the status of ISMS implementation compliance and improvement initiatives What we offer Culture of caring At GlobalLogic we prioritize a culture of caring Across every region and department at every level we consistently put people first From day one you ll experience an inclusive culture of acceptance and belonging where you ll have the chance to build meaningful connections with collaborative teammates supportive managers and compassionate leaders Learning and development We are committed to your continuous learning and development You ll learn and grow daily in an environment with many opportunities to try new things sharpen your skills and advance your career at GlobalLogic With our Career Navigator tool as just one example GlobalLogic offers a rich array of programs training curricula and hands-on opportunities to grow personally and professionally Interesting meaningful work GlobalLogic is known for engineering impact for and with clients around the world As part of our team you ll have the chance to work on projects that matter Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what s possible and bring new solutions to market In the process you ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today Balance and flexibility We believe in the importance of balance and flexibility With many functional career areas roles and work arrangements you can explore ways of achieving the perfect balance between your work and life Your life extends beyond the office and we always do our best to help you integrate and balance the best of work and life having fun along the way High-trust organization We are a high-trust organization where integrity is key By joining GlobalLogic you re placing your trust in a safe reliable and ethical global company Integrity and trust are a cornerstone of our value proposition to our employees and clients You will find truthfulness candor and integrity in everything we do About GlobalLogic GlobalLogic a Hitachi Group Company is a trusted digital engineering partner to the world s largest and most forward-thinking companies Since 2000 we ve been at the forefront of the digital revolution - helping create some of the most innovative and widely used digital products and experiences Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products platforms and services