**Experienced Full Stack GRC Professional – Cyber Protection & Compliance Specialist**

Join arenaflex, a leading innovator in the field of cybersecurity, as a highly skilled GRC (Governance, Risk, and Compliance) professional. As a Cyber Protection & Compliance Specialist, you will play a crucial role in guiding arenaflex's GRC-related activities and ensuring the seamless execution of various tasks within the team. This is an exciting opportunity to contribute to the enchanting world of arenaflex from the comfort of your own home. **About arenaflex** arenaflex is a cutting-edge organization that specializes in developing and implementing innovative solutions to address the ever-evolving threats in the cybersecurity landscape. Our team of expert cybersecurity professionals formulates and implements techniques and recommendations to help organizations align with their business goals while effectively managing risks and meeting industry standards. We are committed to staying at the forefront of technological advancements, ensuring that our solutions are always ahead of the curve. **The Role** As a Cyber Protection & Compliance Specialist, you will report directly to the Manager (Governance, Threat, and Compliance), Cyber and Statistics Safety. Your primary responsibilities will include: ### Key Duties * Third-Party Risk Management (TPRM) Software: Assist arenaflex's global third-party risk management program in conducting due diligence exams related to cyber risk. * Validate incoming third-party risk assessment requests, collaborating with business stakeholders to confirm the details of the request and the scope of the engagement. * Coordinate the distribution of due diligence questionnaires to internal stakeholders/third parties, review submitted questionnaires for completeness, and identify risks arising from the current design and operational effectiveness of internal/third-party security controls. * File responses, associated findings, and remediation plans in arenaflex's systems. * Draft/review reviews for the checks performed and ensure respective business stakeholders finalize critiques. * Serve as a strong liaison to ensure any queries are responded to concerning the risk control technique and evaluation to the business or third parties as required. * Conduct continuous tracking of third-party events via arenaflex systems for current/new findings and escalate any findings to closure. * Identify opportunities for improvement within arenaflex systems and strategies. * Work closely with the Chance Lead/Supervisor to schedule and execute a range of supporting activities related to the risk management program. ### Governance, Threat, and Compliance * Lead and assist the development of cybersecurity risk and compliance-related strategies to ensure the treatment of cybersecurity risk consistent with the organization's threat appetite. * Maintain and document compliance towards information security-related guidelines and processes through planning, checking out, remediating, tracking, and reporting on manipulate critiques and threat checks. * Lead the development and delivery of compliance and risk education and ongoing communications that assist power tradition of protection and compliance. * Stay abreast of regulatory changes, new guidelines, technology, and internal policy modifications to further identify new key risk areas. * Lead the team to preserve and guide ISO 27001 compliance. ### Competencies & Attributes for Fulfillment * Understanding and competencies in GRC-related practices and requirements, including ISO 27001, SOC 2, SSAE 16/18, and others. * Outstanding stakeholder management. * Working understanding of information security-related high-quality practices and requirements. * Experience in the control of risk, controls, and compliance. * Expertise of risk evaluation methodologies – qualitative/quantitative. * Super analytical and problem-solving abilities. * Super presentation making and delivery abilities. ### Personal Attributes * Robust interpersonal abilities. * Ability to navigate rapid-paced environments and be flexible with working hours. * Fantastic communication abilities, both verbal and written. * Adapt quickly to converting conditions and power high-quality change. ### Preferred Training & Experience * Applicable Bachelor's/Grasp's diploma from an accepted university or equivalent experience. * 4 years of experience throughout third-party risk control, records security, and audit & compliance tracking (minimum of 2-3 years in TPRM/internal audit). * Preferred experience with a large company and/or large four accounting company. * One or greater credentials – CISA, CRISC, ISO27001 L./LI, CISSP. * Experience in AI/ML is a plus. ### About arenaflex Careers If you're passionate about cybersecurity and compliance, and you're looking for a challenging and rewarding role, we encourage you to apply. As a Cyber Protection & Compliance Specialist at arenaflex, you will have the opportunity to work with a talented team of professionals who are dedicated to staying ahead of the curve in the ever-evolving cybersecurity landscape. ### How to Apply If you're interested in this exciting opportunity, please submit your application through our website. We look forward to hearing from you! Apply Job! For more such jobs please click here! Apply for this job