IT GRC Program Admin I

United Wholesale Mortgage
Job LocationUS
Job TagFull Time
Apply Now

Description:

As an IT GRC Program Administrator at UWM your focus will be to lead information security initiatives that minimize risk and maximize compliance by facilitating assessments, managing audit fulfillment and remediation of risks, governing of business data and records, monitoring adherence to information security controls and compliance standards, supporting business continuity and disaster recovery compliance, leading specific security initiatives, and coaching and mentoring to improve information security awareness and standards. Plan, coordinate, perform and report on work assignments based on assessments and priorities established by the Information Security Team Lead.

Responsibilities:

  • Maintaining, developing, and supporting information security policies and procedures, including usage of Information Technology resources, safeguarding company data and systems, privacy legislation adherence, and Federal/State Regulation compliance
  • Lead information security initiatives that minimize risk and maximize compliance by facilitating assessments, managing audit fulfillment and remediation of risks, monitoring adherence to information security controls and compliance standards, supporting business continuity and disaster recovery compliance, leading specific security initiatives, and coaching and mentoring to improve information security awareness and standards
  • Develop strategies and plans to enforce security requirements and address identified risks, vulnerabilities, and other security exposures, including misuse of information assets, IT general controls, and noncompliance
  • Assist in researching, evaluating, recommending, and implementing information security-related technologies for security investments focused on monitoring technical resources, evaluating potential threats, and reducing exposure to vulnerabilities
  • Support UWM’s IT Risk Management and Data Governance Programs, which includes developing, enhancing, and maintaining processes using automation tools including GRC platform
  • Identify key program metrics to measure the effectiveness of the program including creation of reports and scorecards
  • Work with various business owners to understand the challenges they face and how to improve efficiency through automation and process improvements
  • Maintain updates with compliance requirements and amendments to regulations
  • Develop and maintain compliance related trainings based on various cyber security topics

Qualifications:

  • 1 to 2 years of experience analyzing cybersecurity policies and strategies.
  • 1 to 2 years Risk Management / Analysis Experience
  • Experience Support Audits and Preparing audit responses for both internal and external agencies
  • Experience in technology IT compliance, audit, risk management or closely related work. Relevant experience with specific security/compliance standards desired (CIS, NIST, GDPR, GLBA, CCPA, 23 NYCRR 500, IRS 1075, HIPPA, etc.).
  • Excellent oral, written, negotiation, and presentation skills
  • Ability to communicate complex concepts
  • Strong analytical and critical thinking skills, with ability to achieve goals.
  • Self-directed, and able to work independently.
  • Demonstrated aptitude for learning modern technologies.
  • Ability to prioritize and manage multiple concurrent projects, and work within critical timelines.
  • Strong leadership, interpersonal, and organizational skills.
  • Ability to work within a fast-paced team environment, effective interacting with internal and external personnel.
  • Demonstrated experience identifying potential opportunities and process improvements
  • High degree of literacy in information system development processes, end-user computing controls, cloud systems implementation, infrastructure management, and information security practices.
  • Onsite Presence required
Apply Now