GRC Lead in Bucuresti

SS&C is a global provider of investment and financial services and software for the financial services and healthcare industries. Named to Fortune 1000 list as top U.S. company based on revenue, SS&C is headquartered in Windsor, Connecticut and has 20,000+ employees in over 90 offices in 35 countries. Some 18,000 financial services and healthcare organizations, from the world's largest institutions to local firms, manage and account for their investments using SS&C's products and services.Job DescriptionGRC Lead, Global Information SecurityAbout the Team:The Governance, Risk and Compliance Team is ​a part of the Global Information Security and Risk Management team (GIS) and our ​primary role is to assist the Sales Organization in assuring customers of the Trust they place in Intralinks. You will be a part of a global team of experts in Information Security and Privacy processes, who are responsible for meeting Security and Privacy requirement of clients, regulators, as well as meeting the industry standards.Overview:In this position, you will play a crucial role in helping our customers to stay compliant and reduce risk, as well as project thought leadership on security, risk, and compliance matters. The GRC Lead, EMEA/APAC reports directly to the Director, Security and Quality and is the Lead for all Governance, Risk and Compliance matters in the region. This position is responsible for identifying, evaluating, and reporting on compliance risks, aligning compliance posture of the organization in a manner that supports effective protection of information assets.This position also performs a mix of tasks and responsibilities related to Governance, Risk Management, and Compliance (GRC). The position serves as the primary point of contact and subject matter expert for both Info Sec and GRC functions to internal teams, such as sales, client services, and legal, as well as external parties such as vendors, customers and partners. This position requires a strong track record of competency in the fields of Information Security, IT Audit, and Risk Management.Day to Day: Oversight responsibilities for assessing, maintaining, reviewing, and improving processes and procedures related to ISMSReview of Master Service Agreements for Info Sec requirementsReview of RFPs, and Security Schedules for Info Sec requirementsParticipation in Information Security Risk Management activities for the regionSupport industry and regulatory compliance efforts (ISO27001, SOC2, GDPR)Supervision of Security management processesPrimary contact for internal and external audits of regional operationsAssistance in third-party risk assessments of vendors in the regionSupport the GRC team on risk issues that are related to information security and recommend actions in support of the company's wider risk management programsQualifications:Proven years of experience in governance, risk, and compliance, including experience with internet technology and ISMSBA or BS in information systems related discipline required, MA in a technical area or legal experience a plusDemonstrated experience in industry and regulatory security frameworks and controls, including one or more of ISO27001, PCI DSS, GDPR, BITS FISAP, NIST, COBIT, and SOXExcellent written and verbal communication skills in English; additional language skills preferredOne or more Information Security certifications such as the CISA or ISO 27001 highly preferredUnless explicitly requested or approached by SS&C Technologies, Inc. or any of its affiliated companies, the company will not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. SS&C offers excellent benefits including health, dental, 401k plan, tuition and professional development reimbursement plan. SS&C Technologies is an Equal Employment Opportunity employer and does not discriminate against any applicant for employment or employee on the basis of race, color, religious creed, gender, age, marital status, sexual orientation, national origin, disability, veteran status or any other classification protected by applicable discrimination laws.