**6 month contract only**
The Sr Governance, Risk and Compliance (GRC) Specialist will be responsible for supporting the IT Governance, Risk and Compliance Program. They will perform risk assessments, gap analysis and overall security controls guidance around security standards such as ISO 27001, National Institute of Standards and Technology (NIST 800-53), IRS 1075 and other security frameworks. They will lead efforts to design, implement, and manage IT GRC program requirements within the ServiceNow GRC platform. The Sr GRC Specialist will also perform Plan of Action and Milestone (POAM) activities to track remediation efforts, complete security risk tracking and reporting, and Information Technology audit preparation and response.
The ideal candidate will be a self-starter and have an inquisitive, analytical mind that constantly looks for solutions to difficult problems. This person must have the ability to convey technology and security concepts to management and ideally has technical knowledge and/or experience in security with a proficiency in a risk management framework with the ability to assess administrative and technical controls.
A successful candidate must be driven and goal-oriented with the ability to complete tasks with limited supervision within an evolving and entrepreneurial environment. The Sr. GRC Specialist will work with other departments throughout SAS and must be detail-oriented to successfully manage multiple projects at the same time.
Knowledge, Skills and Abilities Preferred:
Equivalent combination of education, training, and relevant experience may be considered in place of the requirements above.
SAS is an equal opportunity employer. All qualified applicants are considered for employment without regard to race, color, religion, gender, sexual orientation, gender identity, age, national origin, disability status, protected veteran status or any other characteristic protected by law. Read more: Equal Employment Opportunity is the Law. Also view the supplement EEO is the Law, and the notice Pay Transparency. Equivalent combination of education, training and experience may be considered in place of the above qualifications. The level of this position will be determined based on the applicant's education, skills and experience. Resumes may be considered in the order they are received. SAS employees performing certain job functions may require access to technology or software subject to export or import regulations. To comply with these regulations, SAS may obtain nationality or citizenship information from applicants for employment. SAS collects this information solely for trade law compliance purposes and does not use it to discriminate unfairly in the hiring process. To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status.