MiSolutions Consulting

Position Description: • Support the implementation and ongoing cadence of the GRC Component Assessment and Control Testing Processes to internal defense personnel and project teams. • Create and publish supporting documentation for new/updated processes. • Create and deliver audience specific training and communications for new/updated processes to IT and Business partners. • Work effectively with cross-functional and cross regional stakeholders with varying levels of business/technical skills. • Collect sufficient quantitative and qualitative data to accurately describe the current state, desired state, and root cause(s) of gaps, with guidance from others. • Analyze the future needs of customers and the enterprise, and translate these actions to enhance and mature the GRC program. • Address potential business/financial impacts, inter-related systems and risks associated with new processes and approaches. • Identify risks and issues across the multiple projects that form complex programs and large projects and support their mitigation. • Engage stakeholders to gain consensus on shared vision of project outcomes. (link removed) Anticipate up and down stream impacts and predicts/addresses obstacles. • Identify and assist in the resolution of conflicting business goals and systemic issues to enable business value realization. • Propose corrective actions to address management and governance problems within the program or project. Skills / Experience Required: • 3-5 years experience in risk management • 3-5 years experience working with control assessment and testing processes. • 3-5 years experience working with ISO 27001/2 standards, Information Security policies, risks and controls. • Excellent verbal and written communication. Experience Preferred: • Process Improvement mindset. • Knowledge of Application Development lifecycles. • Self-Starter who can work in ambiguous situations and drive to a solution. • Strong organizational skills; able to advance multiple work streams concurrently. • Prior experience working on Governance, Risk and Compliance (GRC) tool would be a plus. • Able to function as a delivery lead for key program elements associated with the position. • Understanding of Compliance and Regulatory requirements e.g. (S-Ox, HIPAA, GLBA etc.). Education Required: • B.S. Information Systems, Computer Science or equivalent work experience in the requested field