Grc Consultant

**Role**: GRC Consultant

**Location**: Hanoi, Vietnam

**Payroll**: Skill Quotient Technologies

**Experience** : 3+ years

**Duration**:1 year extendable contract

**Objective**:
Assist in performing Third Party Risk Assessments and ensuring compliance with regulatory requirements and internal policies.

**Key Responsibilities**:

- Conduct comprehensive risk assessments of third-party vendors to identify potential risks and vulnerabilities.
- Utilize predefined criteria and automated tools to evaluate third-party risks.
- Ensure continuous monitoring of third-party activities and compliance using advanced analytics and AI.
- Develop and implement a vendor tiering framework based on vendor classification and compliance requirements.
- Create and configure vendor tiering assessments using questionnaires and document collection templates.
- Assign vendor tiers based on assessment results and monitor assessment queues for automated rule-based assessments.
- Design and implement issue management workflows, including issue rating and remediation timelines.
- Raise issues based on assessment responses, assign ratings, and finalize remediation timelines.
- Monitor and close issues post remediation, and manage exceptions when necessary.
- Define workflows for managing exceptions and obtain approval for unresolved issues.
- Ensure proper documentation and tracking of exceptions.
- Prepare detailed reports on findings from risk assessments, including identified discrepancies and recommended remediation actions.
- Develop and maintain comprehensive master data reports for each vendor site based on assessments conducted.
- Generate and share reports on demand and monitor compliance through dashboards.

**Deliverables**:

- TPRM Finding Reports: Detailed reports on the findings from Third Party Risk Assessments, including identified discrepancies and recommended remediation actions.
- Vendor Site Reporting Master Data: Comprehensive master data reports for each vendor site based on the assessments conducted.
- Weekly Remediation Updates: Regular updates on the status of remediation efforts for identified discrepancies.

**Required Skillsets**:

- Strong knowledge of cybersecurity domains, including risk assessment, security operation, penetration testing, network deployment, and data privacy.
- Familiarity with auditing methodologies and providing solutions to risk findings.
- Proficiency in conducting security assessments and documenting results.
- Excellent communication and documentation skills.
- Ability to work collaboratively with cross-functional teams and stakeholders.

**Minimum Experience**:

- More than 3 years of experience in cybersecurity, including risk assessment, security operation, penetration testing, network deployment, and data privacy.
- Relevant certifications such as CISSP, CISA, ISO27001LA, CEH, OSCP, CCSP, etc.

**Additional Information**:

- The role requires a high level of attention to detail and the ability to work independently.

**About us**:
Skill Quotient Technologies is a leading IT company specializing in Cyber Security Services, Application Testing Services, Application Solutions, Data Engineering, Process Automation, and Cloud Computing. We are ISO 27001 certified, CMMI Level 3 and working towards achieving CREST certifications. With a reputation for excellence, professionalism, and commitment, we deliver tangible results to our clients, ensuring fast-paced project execution and maximum return on investment.

**Job Type**: Contract

Application Question(s):

- What is your current salary?
- What is your notice period?

**Experience**:

- GRC: 2 years (required)
- Cyber Security: 3 years (required)