Senior Risk and Compliance Advisor (SRO)
Bedford, Massachusetts | Job ID R87205 | Date posted Jan. 17, 2019
Senior Risk and Compliance Advisor
Location: Bedford, MA
The Senior Risk and Compliance Advisor will assist with and execute on RSA Governance, Risk, and Compliance (GRC) programs. This position assists with the design, execution and growth of various risk and compliance programs, including enterprise risk management, information security, vulnerability management, third party risk, PCI and SOC controls.
The role will support the GRC program as a key member of the Information Security, Governance, Risk, and Compliance (ISGRC) team. This position will work directly with technical and business leadership across the organization to promote ISGRC programs.
- Develop, design, maintain, grow and socialize existing and new risk management programs.
- Risk Identification, Assessment and Evaluation of internal controls.
- Collect and review relevant information to ensure that risk scenarios are identified and evaluated.
- Identify potential threats and vulnerabilities for business processes, products, and data to assist in the evaluation of enterprise risk.
- Work closely with all business units to train and promote adoption of risk and compliance best practices.
- Develop project requirements, objectives, plans, schedules and tasks related to compliance activities.
- Assist with the maintenance and adoption of the third party risk and compliance programs.
- Facilitate audit-related tasks to ensure the readiness of managers and their teams for audit testing and ensure timely resolution of audit findings.
- Ensure reports and findings are delivered in a timely and appropriate manner to management.
- Facilitate compliance with the internal control standards via regular monitoring of related activities using RSA Archer.
- Recognize and identify potential areas where existing policies, standards and procedures require change.
- Manage the progress of remediation steps on identified control deficiencies using RSA Archer.
- Support additional internal and external GRC activities as part of the ISGRC team.
Critical Hiring Criteria
- Bachelor's Degree, or comparable work experience, combined with 3-5 years of related experience in Risk Management, IT Audit or Compliance.
- Experience with Enterprise Risk Management, Information Security, Compliance & IT Management Standards; ISO, Trust Service Principles/SOC, NIST, COBIT, & COSO.
- Experience with RSA Archer or other GRC platforms preferred, but not required.
- Possession of standard certifications in Information Security or Compliance preferred (CRISC, CISA, and CISSP).
- Demonstrated ability to apply IT related knowledge and experience in solving compliance issues.
- Proficiency with Microsoft Office software, Excel, Word, PowerPoint, Visio and SharePoint.
- Strong problem-solving skills with an inquisitive nature and attention to detail.
- Ability to manage questions and conflict with our business stakeholders.
- Strong project management and communication skills (written and oral) with internal organizations and external/internal auditors.
- Skilled in verbal and written communications with the ability to express medium-complexity technical concepts in business terms.
- Excellent teamwork and client service skills.
We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities — all to create a compelling and rewarding work environment.
If you can keep groundbreaking projects on track, this is your opportunity to develop with Dell.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics.