Join arenaflex, a dynamic and innovative company, as a seasoned Full Stack Cybersecurity Specialist to play a pivotal role in shaping the future of cybersecurity. As a key member of our Cybersecurity Team, you will be responsible for guiding GRC-related activities, ensuring the effective execution of various tasks, and contributing to the development of cutting-edge cybersecurity solutions.
**About arenaflex**
arenaflex is a leading organization in the field of cybersecurity, dedicated to helping businesses align with their commercial goals while addressing threats effectively and meeting industry standards. Our team of experts is passionate about staying ahead of the curve, leveraging the latest technologies, and driving innovation in the field of cybersecurity. We are committed to creating a culture of excellence, where our employees can grow, learn, and thrive.
**Job Summary**
We are seeking an experienced Full Stack Cybersecurity Specialist to join our team as a GRC Expert. As a key member of our Cybersecurity Team, you will be responsible for:
* Assisting in the management of the internal safety compliance requirements and implementation of regulations, tactics, and frameworks at arenaflex.
* Collaborating with the Manager (Governance, Threat, and Compliance), Cyber and Statistics Safety to ensure the effective execution of various tasks and activities related to GRC.
* Validating incoming Third-Party/Internal Risk Assessment requests, working with business stakeholders to confirm the details of the request and the scope of the engagement.
* Coordinating the distribution of due diligence questionnaires to internal stakeholders/Third-Party, reviewing submitted questionnaires for completeness, and identifying risks arising from the current design and operational effectiveness of internal/Third-Party security controls.
* Filing responses, associated findings, and remediation plans in the arenaflex systems.
* Drafting/reviewing reviews for the checks performed and ensuring respective business stakeholders finalize critiques.
* Serving as a strong liaison to ensure any queries are responded to concerning the Risk Control Technique and Evaluation to the business or Third-Party as required.
* Conducting continuous tracking of Third-Party via arenaflex systems for current/new findings and escalating any findings to closure.
* Identifying opportunities for improvement within the arenaflex systems and strategies.
* Working intensely with Chance Lead/Supervisor to timetable and execute a range of different assisting activities related to the Risk Management Program.
**Governance, Threat, and Compliance**
* Leading and assisting in the improvement of cybersecurity risk and compliance-related strategies to ensure the treatment of cybersecurity risk consistent with the organization's threat appetite.
* Maintaining and documenting compliance towards information security-related guidelines and processes through planning, checking out, remediating, tracking, and reporting on manipulate critiques and threat checks.
* Leading the development and shipping of compliance and risk education and ongoing communications that assist power tradition of protection and compliance.
* Retaining abreast of regulatory changes, new guidelines, technology, and internal policy modifications to further identify new key risk areas.
* Leading the team to preserve and guide ISO 27001 compliance.
**Competencies & Attributes for Fulfillment**
* Understanding and competencies in GRC, cybersecurity, and risk management.
* Outstanding stakeholder management.
* Working understanding of information security-related quality practices and requirements, including ISO 2700x, SOC 2 requirements, SSAE 16/18 requirements, and others.
* Experience in the control of risk, controls, and compliance.
* Expertise of risk evaluation methodologies – qualitative/quantitative.
* Super analytical and problem-solving abilities.
* Super presentation making and delivery abilities.
**Personal Attributes**
* Robust interpersonal abilities.
* Ability to navigate rapid-paced environments and be flexible with working hours.
* Fantastic communication abilities, both verbal and written.
* Adapt quickly to converting conditions and power high-quality change.
**Preferred Training & Experience**
* Applicable Bachelor's/Graduate's degree from an accredited university or equivalent experience.
* 4 years of experience throughout Third-Party risk control, records security, and audit & compliance tracking (minimum of 2-3 years in TPRM/Internal Audit).
* Preferred experience with a large company and/or large four accounting company.
* One or greater credentials – CISA, CRISC, ISO27001 L./LI, CISSP.
* Experience in AI/ML is a plus.
**What We Offer**
* Competitive salary of $80,000 per year.
* Opportunity to work with a dynamic and innovative company.
* Collaborative and supportive work environment.
* Professional development and growth opportunities.
* Comprehensive benefits package, including health insurance, retirement plan, and paid time off.
**How to Apply**
If you are a motivated and experienced cybersecurity professional looking for a new challenge, please submit your application, including your resume and a cover letter, to [insert contact information]. We look forward to hearing from you!
**Note:** arenaflex is an equal opportunities employer and welcomes applications from diverse candidates.