This listing was posted on iSmartRecruit.
GRC and Audit consultant
Description:
JD:- 1. Control Assessments and Validations: o Sam wants the resources to conduct detailed assessments and validations of the cybersecurity controls in place. This includes not just evaluating their presence and basic functionality but also assessing their effectiveness in real-world scenarios. 2. Sampled Reviews for Assurance: o He is interested in implementing sampled reviews of the control assessments. This approach involves selecting a portion of the assessments for deeper examination to ensure they accurately represent the security posture and that the controls are effectively mitigating risks as intended. 3. Enhanced Accuracy and Truthfulness of Assessments: o The resources would be tasked with ensuring the accuracy and truthfulness of the control representations. This involves verifying that the controls are correctly implemented and functioning as documented, and that any claims made during self-assessments hold up under scrutiny. 4. Technical Dialogue with Product Teams: o Resources might be involved in technical discussions with product teams to understand how controls are implemented. They would ask targeted questions and request evidence, ensuring the teams are compliant with the defined cybersecurity frameworks and standards. 5. Instrumentation of Controls: o Part of their role could involve helping to build instrumentation or mechanisms that can automatically measure and verify the effectiveness of controls. This might include setting up systems that can continuously monitor the performance of cybersecurity measures and alert for any deviations from expected behavior. 6. Support Function for Cybersecurity Assurance: o Sam indicates that these resources could serve as a support function for cybersecurity assurance. They would perform assessments that are not just about compliance but are aimed at genuinely improving the security posture by providing evidence-based confirmations of the security measures’ effectiveness. 7. Evidential Assurance-Based Activities: o The resources would be responsible for carrying out evidential assurance-based activities, documenting and verifying that the cybersecurity controls not only exist but are capable of protecting the organization as expected against potential threats.
Posted:
June 3 on iSmartRecruit
Visit Our Partner Website
This listing was posted on another website. Click here to open: Go to iSmartRecruit
Important Safety Tips
- Always meet the employer in person.
- Avoid sharing sensitive personal and financial information.
- Avoid employment offers that require a deposit or investment.
To learn more, visit the Safety Center or click here to report this listing.
More About this Listing: GRC and Audit consultant
GRC and Audit consultant is a Consulting Jobs Consultant Job located in United Kingdom. Find other listings like GRC and Audit consultant by searching Oodle for Consulting Jobs Consultant Jobs.
GRC and Audit consultant is a Consulting Jobs Consultant Job located in United Kingdom. Find other listings like GRC and Audit consultant by searching Oodle for Consulting Jobs Consultant Jobs.