Description

We have an immediate need for a Cybersecurity GRC Lead for a contract-to-hire position located in Atlanta, GA. In this position, you will assist with TISAX automotive audit interviews in NE, NA, NNA and with gap assessment remediation, and work closely with the business, regional lead, and quality lead on audit evidence.

- Actively participate in TISAX audits with external auditors

- SEC Cybersecurity Disclosure Compliance

- Track incidents that are in scope for SEC

- Serve as SEC PowerApp admin and ensure P1 and P2 incidents are tracked, monitored, and documented, key parties are notified, and incidents are closed in the PowerApp tool.

- Kick off and maintain SEC Materiality Checklist, SEC Compliance Monitoring

- Update SEC workflows and Incident Response Plans based on any new SEC cybersecurity disclosure mandate.

- EU Artificial Intelligence (AI) Act Compliance Activities, AI inventory/catalog, AI Risk Assessment

- AI Governance work (+other governance, risk, compliance activities), Align AI RMF to NIST CSF Framework, AI Risk Assessment

- Security Awareness & Training

- Oversee the organization-wide Security Awareness Program, which includes phishing simulations, computer-based training, proactive communications on latest threats, workshops and newsletters.

- Work closely with the Cybersecurity GRC team and communications to help build programs and initiatives to promote a security mindset in the organization.

- Work with our vendor for GRC tool implementation.

- Assist with Internal Audits, remediate findings and work closely with key business stakeholders.

- Active participation in Incident Response Tabletop exercises and update with lessons learned.

- Responsible for performing cybersecurity risk assessments (NIST CSF) and control assessments to ensure systems and applications (on-prem and in the cloud) are complying with the Company's policies, applicable regulatory and legal requirements, and leading industry practices.

- Update Business Impact Analysis (BIA) plans to determine Cybersecurity key systems to assess.

- Mature the Cybersecurity Risk Management Program by managing the cybersecurity risk register and issue management, and ensuring appropriate risk management strategies are in place and followed up on.

Education

Any Graduate