Trigent Software Inc
Website: trigent.com
Job details:
Key Responsibilities

1) Governance (Policies, Standards, Controls, Metrics)
- Own or support the lifecycle for security policies, standards, procedures, and control objectives (drafting, review, approval, exception handling, periodic refresh).
- Establish and maintain security governance cadence, stakeholder communications, and documentation standards.
- Define and track GRC KPIs/KRIs, dashboards, and management reporting for leadership visibility.

2) Risk Management (IT/Security Risk, Control Assessments)
- Lead or support security risk assessments (inherent risk, residual risk), maintain the risk register, and drive risk treatment plans.
- Perform/coordinate control assessments and maturity assessments mapped to frameworks (e.g., NIST CSF/ISO 27001), including evidence validation and gap identification.
- Drive risk-based prioritization of remediation actions with accountable owners and timelines.

3) Compliance & Audit Management (Internal/External)
- Manage readiness and execution for internal audits, external audits, and regulatory compliance assessments, including evidence collection, audit responses, and closure of findings.
- Coordinate compliance with multiple standards/regulations as applicable (e.g., ISO 27001, SOC 2, PCI DSS, HIPAA), ensuring controls are designed and operating effectively.
- Support IT General Controls (ITGC) and cybersecurity control enhancements aligned to recognized frameworks and enterprise needs.

4) GRC Tooling / Automation (ServiceNow GRC / Archer / Control Frameworks)
- Configure/operate and continuously improve GRC workflows (risk, controls, issues, remediation tasks, attestations) in tools such as ServiceNow GRC / RSA Archer (or equivalent).
- Support activities like policy creation, risk definition/assessment, control definition, audit/testing, and remediation tracking through the GRC platform.
- Contribute to building or aligning with a unified/common control approach (e.g., mapping controls across frameworks) to reduce duplication and improve reporting quality.

5) Stakeholder & Cross-Functional Collaboration
- Partner with Security Engineering/Operations, IT, Legal, Privacy, Procurement, and Business teams to operationalize controls and ensure compliance outcomes.
- Present risk/compliance posture, key issues, and remediation plans to leadership in clear, business-friendly terms.