**Experienced Full Stack Cybersecurity Specialist – Governance, Risk, and Compliance (GRC) Professional**

Join arenaflex, a leading innovator in the field of cybersecurity, as a highly skilled and experienced Full Stack Cybersecurity Specialist – Governance, Risk, and Compliance (GRC) Professional. As a key member of our Cybersecurity Team, you will play a critical role in guiding GRC-related activities and ensuring the smooth execution of various tasks within the team. If you are passionate about cybersecurity and have a strong background in GRC, we encourage you to apply for this exciting opportunity.

• *About arenaflex**

arenaflex is a cutting-edge technology company that specializes in developing innovative solutions for the modern business world. Our team of experts is dedicated to creating a secure and compliant environment for our clients, and we are committed to staying ahead of the curve in the ever-evolving world of cybersecurity. At arenaflex, we believe in fostering a culture of innovation, collaboration, and continuous learning, and we are looking for talented individuals who share our vision to join our team.

• *Key Responsibilities**

As a Full Stack Cybersecurity Specialist – GRC Professional, you will be responsible for the following key duties:

• Third-Party Risk Management (TPRM) Software: Assist in the implementation and management of TPRM software to ensure the effective identification, assessment, and mitigation of third-party risks.
• Help the arenaflex Global Third-Party Risk Method: Assist in the development and implementation of a comprehensive third-party risk management program that aligns with industry best practices and regulatory requirements.
• Validate Incoming Third-Party Risk Assessment Requests: Validate incoming requests for third-party risk assessments, working with business stakeholders to confirm the details of the request and the scope of the engagement.
• Coordinate the Distribution of Due Diligence Questionnaires: Coordinate the distribution of due diligence questionnaires to internal stakeholders and third-party vendors, review submitted questionnaires for completeness, and identify potential risks arising from the current design and operational effectiveness of internal/third-party security controls.
• File Responses, Associated Findings, and Remediation Plans: File responses, associated findings, and remediation plans in arenaflex systems.
• Draft/Review Reviews for the Checks Performed: Draft and review reviews for the checks performed, ensuring that respective business stakeholders finalize critiques.
• Be a Strong Liaison: Ensure that any queries are responded to concerning the risk control technique and evaluation to the business or third parties as required.
• Carry Out Continuous Tracking of Third-Party Vendors: Continuously track third-party vendors via arenaflex systems for current/new findings and music any findings to closure.
• Identify Opportunities for Improvement: Identify opportunities for improvement within arenaflex systems and strategies.
• Work Closely with Chance Lead/Supervisor: Work closely with the chance lead/supervisor to time table and execute a range of different assisting activities related to the chance management program.

• *Governance, Threat, and Compliance**

• Lead and Assist the Improvement of Cybersecurity Hazard and Compliance Related Strategies: Lead and assist in the improvement of cybersecurity hazard and compliance-related strategies to ensure the treatment of cybersecurity hazard consistent with the agency's threat urge for food.
• Maintain and Document Compliance: Maintain and document compliance towards information safety associated guidelines and processes through planning, checking out, remediating, tracking, and reporting on manipulate critiques and threat checks.
• Lead Development and Shipping of Compliance and Danger Education: Lead the development and shipping of compliance and danger education and ongoing communications that assist power tradition of protection and compliance.
• Retaining Abreast of Regulatory Changes: Retain abreast of regulatory changes, new guidelines, technology, and internal policy modifications to further pick out new key chance regions.
• Lead the Team to Preserve and Guide ISO 27001 Popular: Lead the team to preserve and guide ISO 27001 popular.

• *Competencies & Attributes for Fulfillment**

• Understanding and Competencies: Possess a strong understanding of cybersecurity-related concepts and competencies, including but not limited to, ISO 27001, SOC 2, and SSAE 16/18.
• Outstanding Stakeholder Management: Demonstrate excellent stakeholder management skills, including the ability to communicate effectively with business stakeholders and third-party vendors.
• Working Understanding of Information Security Related High-Quality Practices: Possess a working understanding of information security-related high-quality practices and requirements.
• Experience in the Control of Hazard, Controls, and Compliance: Possess experience in the control of hazard, controls, and compliance, including the development and implementation of risk management programs.
• Expertise of Hazard Evaluation Methodologies: Possess expertise in hazard evaluation methodologies, including qualitative and quantitative risk assessment.
• Super Analytical and Problem-Solving Abilities: Demonstrate super analytical and problem-solving abilities, including the ability to identify and mitigate potential risks.
• Super Presentation Making and Delivery Abilities: Possess super presentation making and delivery abilities, including the ability to communicate complex information to non-technical stakeholders.

• *Personal Attributes**

• Robust Interpersonal Abilities: Possess robust interpersonal abilities, including the ability to navigate rapid-paced environments and work effectively with diverse stakeholders.
• Ability to Navigate Rapid Paced Surroundings: Demonstrate the ability to navigate rapid-paced environments and be flexible with working hours.
• Fantastic Communication Abilities: Possess fantastic communication abilities, both verbal and written.
• Adapt Speedy to Converting Conditions: Demonstrate the ability to adapt quickly to converting conditions and power high-quality change.

• *Preferred Training & Experience**

• Applicable Bachelor's/Grasp's Diploma: Possess an applicable Bachelor's/Grasp's diploma from an accepted university or equivalent experience.
• 4 Years of Enjoy: Possess 4 years of enjoy throughout third-party risk control, records security, and audit & compliance tracking (minimum of 2-3 years in TPRM/internal audit).
• Preferred Revel In: Possess a preferred revel in with a massive company and/or large four accounting company.
• One Or Greater Credentials: Possess one or greater credentials, including but not limited to, CISA, CRISC, ISO27001 L./LI, and CISSP.
• Experience In AI/ML: Possess experience in AI/ML, which is a plus.

• *What We Offer**

• Competitive salary: $80,000 per year
• Comprehensive benefits package, including health, dental, and vision insurance
• Generous paid time off and holidays
• Opportunities for professional growth and development
• Collaborative and dynamic work environment
• Recognition and rewards for outstanding performance

• *How to Apply**

If you are a motivated and experienced cybersecurity professional looking for a new challenge, we encourage you to apply for this exciting opportunity. Please submit your resume and cover letter to [insert contact information]. We look forward to hearing from you!

• *About arenaflex Careers**

At arenaflex, we are committed to fostering a culture of innovation, collaboration, and continuous learning. We believe in the importance of developing our employees and providing them with the skills and knowledge they need to succeed in their careers. If you are passionate about cybersecurity and have a strong background in GRC, we encourage you to apply for this exciting opportunity.

• *Why do you want to work for arenaflex?**

• Answer: Speak about the agency's values, project, or popularity that align with your profession desires. Point out precise elements of the business enterprise that attracted you.

• *What's your best strength?**

• Answer: Spotlight a applicable energy, including problem-fixing, management, or a technical skill. Support your solution with an example.

• *What's your greatest weakness?**

• Answer: Talk a weak point, but emphasize how you're operating to improve it. For instance, "i am operating on improving my time management abilities."

• *Tell me about a hard situation you've got confronted at paintings and the way you handled it.**

• Answer: Use the superstar approach (state of affairs, venture, movement, result) to provide an in-depth response, showcasing your hassle-fixing talents.

• *Why need to we hire you for this role?**

• Answer: Spotlight your relevant qualifications, stories, and how they make you the excellent match for the position. Mention your enthusiasm for the organization and the job.

• *In which do you notice yourself in 5 years?**

• Answer: Share your career aspirations and how they align with the organization's boom. This demonstrates long-term commitment.

• *What do you understand about our merchandise/services?**

• Answer: Research the employer's services and point out specific services or products. Explain how you accept as true with they gain customers.

• *How do you handle running below stress?**

• Answer: Describe your capacity to stay calm, prioritize tasks, and talk correctly in excessive-stress situations. Provide an example.

• *Tell me approximately a time you labored in a group.**

• Answer: Describe a a hit team challenge. Emphasize your collaboration, conversation, and trouble-solving abilities.

• *What is your chosen paintings style or work environment?**

• Answer: Share your alternatives, but be adaptable. Point out that you may paintings correctly in different settings.

• *Do you have got any questions for us?**

• Answer: Usually have questions organized. Ask about the organization's tradition, crew dynamics, expectancies, or upcoming initiatives. It demonstrates your hobby.