Cyber Governance, Risk and Compliance professional at SMBC with 7+ years in Cybersecurity and IT Audit. Leading coordination of audits and compliance activities while enhancing risk management practices.
Responsibilities
Lead role for a portfolio of assignments;
Lead the successful coordination of various assessments or assessment activities on behalf of Cybersecurity. These assessments may include, but are not limited to: Internal Audits, External Audits, Compliance Reviews, as well as US State, US Federal, and other Region-specific Regulatory Exams;
Familiarity with controls testing program delivery, including conducting walkthroughs, and supporting design and operating effectiveness testing.
Enhance coordination efforts each year ensuring inefficiencies identified in previous years are actively addressed and improved.
Direct & provide guidance to other members of the ARM team in the performance of their tasks.
Collaborate closely with key stakeholders across the 2LoD (Operational Risk) and 3LoD (Internal Audit) as they undertake assessment / audits over Information Security controls;
Communicate effectively and in a timely manner with auditors, where necessary, to confirm their understanding of the controls in place, so that the audit testing approach is effective and their requests are appropriate and clear.
Able to confidently and clearly articulate to auditors and stakeholders the controls in place, and to identify compensating controls;
In turn, be able to clearly explain each request to Evidence Providers or Control Owners, outlining the risks the tested controls address, and assist them where necessary to ensure the correct artefact is provided (Please note this is NOT an auditor role: the Cyber Governance, Risk and Compliance Manager serves as the liaison with the Assessors).
Collaborate with stakeholders to identify continuous improvement opportunities in Controls, Processes and Procedures.
Assist ARM Leadership to strategically manage and develop the ARM program.
Engage with auditors at an early stage on preliminary findings to ensure completeness and accuracy of understanding.
Responsible for reviewing preliminary findings for plausibility, engaging with Control Owners, Senior Management and relevant Subject Matter Experts as applicable;
Working with Service Providers and Control Owners, draft formal management responses to findings for Information Security management review, with the expectation that minimal management oversight is required;
Manage and track audit issues to closure, providing periodic status updates to Information Security Management.
Strong understanding of Governance, Risk and Compliance (GRC) practices to support Information Security’s adherence to authoritative frameworks (FFIEC, COBIT, NIST, ISO etc.) and U.S. regulatory expectations.
Understanding of Information Security controls and associated risks.
Requirements
7+ years of experience in Cybersecurity / IT Audit (Big-4 or related financial services industry experience preferable) and/or Cybersecurity Risk (active CISA and/or CRISC certification a plus), or in other risk management and audit roles.
7+ years of experience working with common risk management frameworks, including RCSAs, control testing programs and maturity assessments.
Experience working with Cybersecurity teams to strengthen their adherence to organizationally defined Cybersecurity controls.
Experience executing control testing, reporting, and tracking control remediation
Strong verbal and written communication skills.
Ability to demonstrate a self-motivated and disciplined approach to learning and working.
Ability to work in a team environment and demonstrate leadership skills when needed.
Possess a highly developed sense of personal accountability and follow-through with an ability to effectively prioritize multiple personal tasks, projects, and goals.
Benefits
SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law.