Consultancy: Recruitment of a Senior Digital Programme Specialist – IT Governance, Risk and Compliance (GRC) in Beijing, China.

Responsibilities

  • Maintain the IT risk management framework, conduct risk assessments and identify potential IT risks.
  • Implement and maintain IT controls to mitigate identified risks and ensure compliance with applicable regulations and standards.
  • Collaborate with internal and external auditors and the internal control unit to facilitate audits and control testing and ensure compliance with audit/control requirements and recommendations.
  • Serve as a subject matter expert on IT governance, risk management, and compliance frameworks such as COSO, ISO 27000, NIST, and GDPR.
  • Develop and deliver IT GRC training and awareness programs to educate employees and stakeholders on IT risk and compliance requirements.
  • Monitor and analyze industry trends and regulatory developments related to IT governance, risk management, and compliance, and recommend appropriate actions.
  • Lead and manage IT GRC projects and initiatives, including project planning, resource allocation, and progress tracking.
  • Prepare and present IT GRC reports and metrics to senior management and other stakeholders to demonstrate compliance with applicable regulations and internal policies.

Requirements

  • A minimum of 8 to 10 years of relevant experience in security, IT risk management, governance, and compliance frameworks.
  • Successful track record of partnership across organizations to build trust and achieve shared goals.
  • Possession of security and risk certifications, such as CISSP, CISM, CISA, or CRISC, would be an advantage.
  • Good understanding of and practical experience working with privacy and legal requirements, such as GDPR, data security, sanctions, and embargoes.
  • Knowledge of and experience in security, risk, and compliance frameworks such as COSO, NIST, ISO, and SOX.
  • Solid skills in evaluating risks, understanding controls, and developing governance processes to support the organization, including articulating risks, developing consensus, raising awareness, and providing and implementing solutions.
  • Excellent communication and presentation skills. Able to communicate sophisticated and technical issues effectively and concisely to all levels.
  • Ability to work collaboratively and effectively with other ITD teams, business units and other organizations.
  • Effective in building partnerships with organizational leaders and influencing senior management.
  • Experience in facilitating executive leadership meetings.
  • Fluency in oral and written English is required.
  • Master’s degree in IT, business management, risk management, or relevant field of specialization.

Deadline: May 31, 2023