Sr. Advisor – Governance, Risk & Compliance
Primary Location: Cairo,
Additional Location(s): Cairo, Egypt
RSA helps the world's leading organizations solve their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing enterprise and cloud environments against today’s most sophisticated threats. Combining business-critical solutions in identity & authentication management, network forensics and GRC capabilities, RSA provides visibility and analytics to safeguard the identities and information of organizations worldwide.
Be a part of the Information Security Governance, Risk & Compliance team, supporting RSA’s internal security program to manage the security and resiliency risks across all aspects of RSA’s business. We are seeking individuals who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at RSA and further develop your career.
We are currently seeking a qualified candidate to serve as a Sr. Advisor – GRC. In this role you will be involved in a variety of governance, risk and compliance activities. A successful candidate will be able to build relationships across the organization to support driving the goals of the organization. Daily responsibilities will include assessing the effectiveness of security controls across the enterprise, supporting customer third party risk assessments, issue remediation tracking and customer and regulatory audit support. This includes but is not limited to:
Proactive compliance testing including control and process evaluation, including driving continuous control maturity improvements
Governance of Information Security program practices across both corporate & customer software as a service (SaaS) environments
Information Security Policy & Standard creation, governance and document management
The Payment Card Industry Data Security Standard (PCI-DSS) & PCI 3DS quarterly activities and annual assessments
Facilitation and support of customer audits of RSA Security’s product offerings
Facilitation and support of annual Service Organization Reports (SOC 2 Type II Audits)
Support issues management program including risk acceptance and risk remediation plan governance
Coordinate and govern corporate & product line business continuity plan documentation
Maintain repository of customer information security questionnaire responses, provide responses to customer questionnaires and third-party risk assessments of RSA product lines and services
Perform Security schedule and contract reviews for RSA product lines, partnering with client relationship managers and RSA Legal
Develop, perform and track corporate Information Security training and awareness materials
Create program level metrics, reports and updates to executive leadership
Strong knowledge of cybersecurity and information technology systems terminology, concepts, and practices.
Strong knowledge of IT Controls frameworks including but not limited to: COBIT, COSO, NIST 800-53, Payment Card Industry Data Security Standard (PCI-DSS), Payment Card Industry 3DS (PCI-3DS), Sarbanes-Oxley Act, ISO27001/27002 and Data Privacy and Protection Regulations is required.
5+ years of current IT Audit and/or IT Risk Management experience is preferred.
A working knowledge of eGRC platforms such as RSA Archer.
Hands-on experience performing security control assessments utilizing established industry frameworks.
Strong verbal and written communications skills are required as well as excellent organizational and time management abilities.
Possess strong customer service skills, with the ability to work well independently, with minimal oversight.
Ability to interpret, translate and negotiate with both technical and non-technical personnel information security control modifications and/or remediation progress plan milestones.
Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
Given the diverse locations of our team members, the ability to work effectively globally and cross-functionally is critical.
A degree in Information Technology, Information Security, and/or Accounting Information Systems is desired.
Industry certifications relevant to the role include, but are not limited to: CISA, CRISC, CISM, ISA/QSA, PCIP, CISSP.
Knowledge and understanding of technical infrastructure such as Cloud Service Providers (CSPs) such as Amazon, Microsoft Azure and traditional IT datacentre technology such as routers, switches, firewalls, and the associated network protocols and concepts.
A team player capable of embracing the Company’s culture of high standards related to privacy, ethics and compliance principles.