Senior GRC specialist Porto

Overview

Join to apply for the Senior GRC specialist role at Kantar. Location: Porto.

Key Responsibilities

• Own all assurance for clients security assurance reviews to ensure consistent and
  - quality implementation that meets the needs and strategy of the business
• Build strong relationship with key stakeholders (primarily North America, but also with involvement with all other markets), leading to a trusted partnership where they are the main point of contact for that region’s activities
• Provide security consultancy and advice, and interpretation of standards and policies as needed to deliver positive results for clients
• Review of security contractual terms to ensure the best outcome is achieved for the business, and any risks are clearly documented and managed
• Be the connector of the central security services to the central Client Trust team and continue to evolve the team’s understanding as the function continues to mature
• End-to-end management of findings and actions (from assurance, to documentation, escalation, remediation or exception) and report regularly to senior management through the team’s central governance processes
• Align with other assurance activities alongside colleagues in Technology, Privacy, Legal, Procurement, etc
• Be prepared to support the business across multiple regions when required
• Work with the team to contribute towards new & improved ways of working

Knowledge needed

• Cyber Security generalist – having a wide understanding of cyber controls, frameworks, best practice and compensating controls is essential for this role. (ISO27001, NIST, CIS, SOC etc)
• Understanding and experience with data privacy legislation (GDPR, CCPA, PIPL etc)
• Experience in completing assurance activities, either internally or on external/supply chain (such as suppliers or clients)
• Influencing – Gravitas and confidence to drive change. Excellent communication skills, including the ability to explain complex tech issues in simple terms
• Autonomy – deal with broad set of activities across a varied stakeholder group and manage their work in an ambiguous environment
• Ownership – taking ownership of key tasks and working through to completion
• Must have experience/track record of applying information security and IT risk knowledge and processes to
  - world business problems in complex, global organisations with formal risk treatment processes in place
• Risk management – able to apply risk management practices to varied scenarios and ensure identified issues are properly managed
• Supplier risk management - must be able to demonstrate a clear understanding of assessing suppliers. Will be expected to work closely with the Supplier Risk Management team

Country

Portugal

Why join Kantar?

We shape the brands of tomorrow by better understanding people everywhere. By understanding people, we can understand what drives their decisions, actions, and aspirations on a global scale. And by amplifying our
- depth expertise of human understanding alongside
- breaking technology, we can help brands find concrete insights that will help them succeed in our
- paced, ever shifting world.

We’re committed to equality of opportunity for everyone and support our colleagues to work in a way that supports their health and wellbeing. Our approach is flexible to ensure everybody feels included, accepted, and that we can win together. We’re dedicated to creating an inclusive culture and value the diversity of our people, clients, suppliers and communities, and we encourage applications from all backgrounds and sections of society.

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology
• Industries: Market Research