Maintain the IT risk inventory to track identified issues and risks, including risk acceptances and remediation plans; provide governance, oversight, and reporting on issues and risks.
Lead the planning, scoping, execution, and documentation of risk management activities associated with technology and technology-related risks including cybersecurity and OT environments.
Identify, validate, and assess security risks; develop, socialize, and guide engineering and business teams through risk treatment plans.
Design and build automation for GRC processes including evidence collection, control validations, real‑time control effectiveness checks, and broader GRC workflows such as risk register, Third Party Risk assessments, and enterprise systems controls definition.
Design data pipelines that aggregate and normalize risk‑relevant data across enterprise systems to support KRIs, control‑maturity insights, a...