We are looking for a GRC Analyst to be a part of the Governance, Risk and Compliance (GRC) function of the Information security team at Clarivate. A dynamic team that is working cross company at all levels. If you have a skill set and experience in information security and project management, we would love to speak with you.
About You – experience, education, skills, and accomplishments
BSc degree graduate in a relevant field or equivalent technical training.
Security certifications – CISO, CISSP and/or CISM preferred.
1+ years demonstrated experience in Information security at a global company
Experience with at least one of the following: ISO 27001/2, PCI, AICPA SOC 2 (SSAE 18)
Project management skills to drive projects and initiatives across multiple departments
Excellent English communication skills
It would be great if you also had
Experience in creating and implementing processes
Knowledge of risk assessment and security baselines
Knowledge of ISO Certifications and NIST standards
Experience handling tasks in a matrixed organization
Ability to multitask
What will you be doing in this role?
Implement the key initiatives/projects focused on the reduction of security risks, governance, and compliance.
Participate in security and privacy compliance assessments on new and existing systems, processes, and technologies.
Support internal and external audit processes such as ISO 27001/ISO 27002, SSAE 18 and leading standards for Information Security
Enhance operational effectiveness of audit activities to further align to company strategy and risk management
Assist with education and awareness programs to promote security and privacy in the company.
Inform the CISO or DPO regarding security and privacy concerns and recommend courses of action
Tactically maintain and operate the risk management systems
Participate in completing security questionnaires, contract reviews, RFPs, and tenders
Review proposed changes on an ongoing basis to determine the impact on security and privacy
About the Team
The Governance Risk and Compliance (GRC) team in Clarivate exists as part of the overall Information Security team headed up by our CISO within the Technology Group. GRC Compliance Team is a part of the GRC team and spearheads initiatives that further the organization’s compliance goals and responsible for assessing and guiding the company’s compliance stance for Information Security in alignment with industry standards (ISO 27001, SOC 2, PCI-DSS, SOX, ISO 27017, ISO 27032, etc.) along with contractual requirements agreed with the customers.
Benefits
Holidays: 25 days paid leave per annum
Private Health Insurance
Paid Lunch
Yearly Bonus
Yearly Merit Plan
My Learning Platform
Fit Pass
Life Insurance
Accident Insurance
Company bicycles for rent free of charge
Hours of Work
This is a permanent full-time position, with core engagement hours within CET time zone.
This is a hybrid position, you will be expected to work from our Belgrade office 3 days every other week.
#LI-Hybrid
Please note that only shortlisted candidates will be contacted.
At Clarivate, we are committed to providing equal employment opportunities for all persons with respect to hiring, compensation, promotion, training, and other terms, conditions, and privileges of employment. We comply with applicable laws and regulations governing non-discrimination in all locations.