Specification -
Established as an experienced application compliance professional with a firm command of
enterprise governance, risk, and compliance (GRC), and supporting principles
Be able to recognize the vulnerabilities and efficiency opportunities across a wide array of
Enterprise Apps, IT systems, and data sources in a complex corporate structure
More than 5 years of experience working as an IT Compliance professional
More than 2 years of experience working in high-volume, public-facing production
environments, or a global enterprise IT organization
Strong experience with application controls and access risk management
Strong understanding of at least one of the following security frameworks is required: SOX,
ISO 27001, SOC 1,Type 2
Awareness of various security technologies and protocols such as VPN, TLS/SSL
(HTTPS/FTP over SSL, etc.), MFA/2FA, Firewall policy controls, and PKI
High-level (fundamental) understanding of content and web control technologies including
Proxies and application-layers firewalls
Strong experience with Excel and GRC solutions
