Governance, Risk, & Compliance (GRC) Management Lead

Location: Montgomery, Alabama
Date Posted: 04-13-2018
About Seneca Resources:
Seneca Resources is a client driven provider of strategic Information Technology consulting services and Workforce Solutions to government and industry.  Seneca Resources is a leading IT services provider with offices in Reston, Virginia, Alabama and Columbia, Maryland that service clients throughout the United States.  The key to our success lies within our strong corporate culture which drives our business.  We challenge our staff through engaging work, and we reward our staff through competitive compensation, extensive professional training, and excellent opportunities for career advancement.  In turn, we look for only the best and brightest to join our team.
 
We are an Equal Opportunity Employer and value the benefits of diversity in our workplace.
 
Position Title: Governance, Risk, & Compliance (GRC) Management Lead
Location: Montgomery, Alabama
Position Status: Multi-Year Contract
 
Position Description:
Our client is looking for Governance, Risk, & Compliance (GRC) Management Lead candidates for a position located in Montgomery, AL
 
Required Education:
Bachelor’s degree from an accredited four-year college or university in Engineering, Computer Science, Math, Information Technology or a related field.
 
Experience Required:
  • Ten years’ Information Technology experience with at least three (3) years’ experience in enterprise network or systems administration.
  • Two years’ experience working in Risk Management Framework
  • Four years’ experience working as an Information Systems Security Manager, Security Control Assessor, or related Information Assurance role on system Certification & Accreditation or System Assessment & Authorization.
  • One year experience in a leadership role over three (3) or more subordinate team members
Required Skills:
  • Interfaces with assessors and auditors as well as Medicaid Stakeholders and IT Personnel to facilitate senior leadership knowledge of organizational risk levels, the development of system security documentation, and reporting requirements.
  • Ensures, through documentation, reporting, and communications with Medicaid Stakeholders and IT Personnel, that protection and detection capabilities are acquired and developed consistent with the organization-level Security Architecture and Security Policies and Standards, and prioritizes vulnerability remediation efforts according to organizational and security strategies.
  • Evaluates and approves development efforts through the use of Security Assessment reports, in conjunction with the Medicaid Technical Security Assessment team, to ensure that baseline security safeguards are appropriately implemented.
  • Advises the Chief Information Security Officer on risk levels and security posture as well as the results of cost/benefit analysis of information security program policies, procedures, and technological implementations.
  • Prepares, distributes, maintains and assists in the development of plans, instructions, guidance, and standard operating procedures concerning the security of organizational system operations.
  • Reviews organizational external agreements and internal system designs to provide input on security requirements and evaluates associated proposed security architectures and designs to ensure that architectures and designs adequately meet requirements.
  • Develops and Implements the procedures used by the Medicaid GRC Team to perform its operational functions.
  • Acts as lead to the Medicaid GRC team members, providing task management and direction for each of the team’s members.
or
this job portal is powered by CATS