Principal InfoSec GRC Specialist (Contract / Permanent)

What will you do?

Leadership & Program Management

• Bring ‘Security by design’ principles to product development activities
• Managing the GRC program, defining the roadmap for maturity across governance, risk management, and compliance initiatives.
• Lead, manage, and mature the organization's Information Security Management System including risk treatment, internal audits, and readiness for external certification audits
• Serve as the SME for high-stakes compliance frameworks, specifically FedRAMP, and maintaining advanced leadership over HIPAA and the ISO 27001 family (including 27017/27018 for cloud security).
• Lead the development and revision of enterprise-level security policies, standards, and control frameworks to align with regulatory requirements and business objectives.
• Manage GRC with focus on lean, efficient implementation by leveraging automation of activities

FedRAMP & Cloud Secur...