• Implement and drive activities related to technology risk reduction, governance, and compliance with policies and external regulatory compliance. 
• Evaluate IT risks and develop risk mitigation strategies and corrective actions. 
• Provide recommendations to improve organizational security posture through process improvement, policy automation, and continuous evolution of capabilities. 
• Document and report on security gaps and provide remediation guidance, prepare management reports, and track remediation activities. 
• Conduct risk and exception assessments by assessing multiple inputs from internal/external sources
• Conduct due diligence assessments on third-party vendors using supply chain risk management practices. 
• Implement effective processes within the GRC function to automate and continuously monitor information security controls, exceptions, risk reporting metrics, dashboards, and evidence artifacts. 
• Interviewing various stakeholders across the organization to determine security controls implementation and effectiveness by collecting and analyzing evidence documenting findings and tracking to closure.

Skills

• Bachelor's degree in Business Administration, Finance, Risk Management, or a related field.
• Strong understanding of governance, risk management, and compliance principles.
• Excellent analytical and problem-solving skills with attention to detail.
• Proficient in Microsoft Office Suite (Excel, Word, PowerPoint) and data analysis tools.
• Effective communication skills, both written and verbal, to convey complex information.
• Ability to work collaboratively in a team-oriented environment and manage multiple tasks simultaneously.
• Prior experience in management consulting or a relevant internship is preferred but not required.