GRC Audit & Compliance Specialist

  • Stride, Inc.
  • Columbus, Ohio
  • Full Time


SUMMARY: The GRC Audit & Compliance Specialist is dedicated to safeguarding Stride's information systems, IT assets, and intellectual property from cyber threats, unauthorized modifications, disclosures, or destruction. The Specialist will ensure adherence to internal policies and external regulations by continuously monitoring compliance, performing thorough compliance audits, and reporting findings to identify areas for improvement. The Specialist will also evaluate the effectiveness of internal controls and recommend enhancements to boost security and efficiency, and will assist in the preparation for, and facilitation of, assessments and examinations conducted by qualified assessors.

Essential Functions: Reasonable accommodations may be made to enable individuals with disabilities to perform essential duties.

* Demonstrate experience with risk assessments in conjunction with major regulatory initiatives (e.g., SOX, PCI-DSS, HIPAA, FedRAMP).

* Demonstrate experience with cyber security and information security program management, frameworks, and methodologies (e.g., NIST CSF, ISO/IEC 27000, COBIT, etc.).

* Comprehensively understand and maintain knowledge of applicable standards, requirements, and their application to the enterprise environment in cooperation with operational area SMEs.

* Provide subject matter expertise in the creation, implementation, and maintenance of programs, policies, and procedures to be compliant with applicable technology-related regulations.

* Comprehensively perform and monitor IT compliance activities including data collection, analysis, and remediation, working with internal and external audit teams as required.

* Support management in the design and operating efficiency testing of the IT department's control activity processes.

* Review audit assessments conducted by both internal and external audit teams.

* Collaborate with both internal and external audit teams.

* Coordinate external audit request responses and requests.

* Provide relevant awareness training to control owners.

* Drive effective collaboration across all lines of business and provide relevant training to control owners on IT compliance awareness.

* Drive continuous quality improvement.

Supervisory Responsibilities: This position has no formal supervisory responsibilities.

Minimum Required Qualifications:

* Bachelor's degree in Computer Science, Information Systems, Information Security & Assurance, Information Technology, Audit, or related field required AND

* Five (5) years of experience in IT Security, IT Audit, IT Governance, Risk, & Compliance.

*

* Equivalent combination of education and experience, including prior relevant military service experience.

Certificates and Licenses: None required.

OTHER REQUIRED QUALIFICATIONS:

* Demonstrable understanding of security controls and risk assessment tools.

* Demonstrable understanding of information security and the relationship between threat, vulnerability, and information value in the context of risk management.

* Demonstrable understanding of risk-based decision-making.

* Demonstrable understanding of leading-edge governance-enabling technologies.

* Ability to develop relationships across functions and inspire trust and confidence through effective communication and interpersonal skills.

* Experience managing cybersecurity controls based on a thorough understanding of industry standards and regulations to protect the company from external and internal threats.

* Excellent communication and presentation skills (verbal and written).

* Project management planning and organization skills.

* Ability to identify, document, and communicate i

Job ID: 485056540
Originally Posted on: 7/13/2025
