<- All Jobs
USDS GRC Risk Engineer - USDS
About The Team
The USDS Security, Risk & Compliance team is responsible for managing USDS security compliance in accordance with US compliance requirements and objectives, and providing industry leading governance, risk, and compliance services. The core service offerings include: Compliance & Security Risk Management, Controls & Compliance Framework, Security Compliance Policies, Charters, & Protocols, Vendor Program & Third-Party Risk Management, Governance, Risk, & Compliance (GRC) Platform, and Security & Compliance Behavior & Culture.
Responsibilities:
- Partner with Risk Owners to manage Security and Compliance related risks in the risk register throughout the risk lifecycle in accordance with leading industry frameworks
- Lead the development and implementation of risk quantification improvements to scale and mature current risk program operations
- Identify risk using data, perform quantitative risk assessments, drive mitigation through building risk treatment plans and building KRIs to monitor risk
- Develop business risk thresholds to drive risk management efforts
- Deliver executive leadership risk reporting providing data-driven insights on top security and compliance risks measured against thresholds to drive decision-making
- Scale the existing exception process and drive remediation efforts
The USDS Security, Risk & Compliance team is responsible for managing USDS security compliance in accordance with US compliance requirements and objectives, and providing industry leading governance, risk, and compliance services. The core service offerings include: Compliance & Security Risk Management, Controls & Compliance Framework, Security Compliance Policies, Charters, & Protocols, Vendor Program & Third-Party Risk Management, Governance, Risk, & Compliance (GRC) Platform, and Security & Compliance Behavior & Culture.
Responsibilities:
- Partner with Risk Owners to manage Security and Compliance related risks in the risk register throughout the risk lifecycle in accordance with leading industry frameworks
- Lead the development and implementation of risk quantification improvements to scale and mature current risk program operations
- Identify risk using data, perform quantitative risk assessments, drive mitigation through building risk treatment plans and building KRIs to monitor risk
- Develop business risk thresholds to drive risk management efforts
- Deliver executive leadership risk reporting providing data-driven insights on top security and compliance risks measured against thresholds to drive decision-making
- Scale the existing exception process and drive remediation efforts