Cyber GRC Supervisor

Description

The Cyber GRC Supervisor is a pivotal role within the EITSOC, ensuring the effective coordination and oversight of cybersecurity governance, risk, and compliance (GRC) activities. This individual serves as the primary leader of the Quality Assurance (QA) team, managing the team’s deliverables, maintaining quality standards, and fostering a culture of continual improvement. The position also involves reporting on quality assurance metrics, tracking levels of effort (LOE) across projects, and maintaining comprehensive internal documentation to ensure consistent processes and compliance with EITSOC policies.

Key Responsibilities:

• Quality Assurance Leadership
  • Lead and manage the QA team to ensure effective adherence to established processes, standards, and timelines.
  • Oversee the review and validation of deliverables to ensure they align with compliance standards, internal QA standards, and stakeholder expectations.
  • Drive process improvements to enhance the efficiency and effectiveness of QA practices.
• Metrics and Reporting
  • Develop and deliver regular reports on QA performance metrics, identifying trends and providing actionable insights for EITSOC leadership.
  • Track and manage levels of effort (LOE) across various projects, ensuring proper resource allocation and meeting project deadlines.
• Documentation and Process Management
  • Maintain and update EITSOC’s internal documentation repository, ensuring accuracy, accessibility, and alignment with current practices and regulatory requirements.
  • Collaborate with cross-functional teams to create or refine policies, procedures, and workflows that support cybersecurity governance, risk, and compliance needs.
• Collaboration and Stakeholder Engagement
  • Act as a liaison between the QA team and other organizational units within the EITSOC, fostering clear communication and alignment on priorities.
  • Partner with EITSOC leadership to provide strategic input on cyber GRC initiatives and ensure alignment with organizational objectives.

Qualifications

Typical Education and Experience:

• Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience

Education and Certification Requirements:

• Bachelor's Degree (required) in Cybersecurity, Information Technology, Information Systems, Business Administration, or a related field and five (5) years or more experience; Master's and three (3) years or more experience; additional experience in lieu of a degree may be considered.
• Industry Certifications (preferred):
  • Security+ (CompTIA Sec+).
  • Certified Information Systems Auditor (CISA).
  • Certified Information Security Manager (CISM).
  • Certified in Risk and Information Systems Control (CRISC).
  • ITIL Foundation Certification (IT Service Management).
  • Certified Data Privacy Solutions Engineer (CDPSE).
  • Governance, Risk, and Compliance Professional (GRCP).
  • ISO 27001 Lead Implementer or Auditor Certification.
  • Certified Information Systems Security Professional (CISSP) – with a focus on governance and risk.

Qualifications:

• Proven experience in a leadership role within a cybersecurity governance, risk, and compliance (GRC) environment.
• Strong understanding of quality assurance processes and best practices.
• Excellent organizational skills and the ability to manage multiple priorities simultaneously.
• Proficiency in reporting metrics and analyzing data to drive decision-making.
• Exceptional written and verbal communication skills to maintain detailed documentation and foster effective team collaboration.

Key Attributes:

• A detail-oriented individual with a focus on continuous improvement.
• A proactive, results-driven mindset with an emphasis on team success.
• Adept at building and maintaining relationships across teams and leadership levels.