GRC Security Manager
Description
Enphase Energy is a global energy technology company and leading provider of solar, battery, and electric vehicle charging products. Founded in 2006, Enphase transformed the solar industry with our revolutionary microinverter technology, which turns sunlight into a safe, reliable, resilient, and scalable source of energy to power our lives. Today, the Enphase Energy System helps people make, use, save, and sell their own power. Enphase is also one of the fastest-growing and most innovative clean energy companies in the world, with approximately 68 million products installed across more than 145 countries.
We are building teams that are designing, developing, and manufacturing next-generation energy technologies and our work environment is fast-paced, fun and full of exciting new projects.
If you are passionate about advancing a more sustainable future, this is the perfect time to join Enphase!
About the role
Reporting to the Senior Manager, Accounting, the GRC Security Manager will play a critical role in developing and executing a comprehensive risk management framework and GRC strategy that aligns with Enphase's overall business strategy and objectives.
What you will do
- Oversee the enterprise risk components of the Governance, Risk, and Compliance (GRC) platform implementation and manage the build-out and ongoing development of the GRC tools, including design, configuration, reporting and dashboard requirements, training, and awareness communications.
- Scale the company’s GRC program while applying industry best practices for Enterprise Risk Management, Third Party Risk Management, Business Continuity, and other applicable areas.
- Work with business stakeholders to develop active engagement across all enterprise risks enabled by GRC workflow, and ensure that first-line risk management processes and internal controls are effective in mitigating SOD (segregation of duties) risks and are applied in accordance with the company’s policies.
- Collaborate with business stakeholders to ensure Fusion roles align with business needs and regulatory requirements.
- Conduct SOD risk assessments and analyses to identify potential conflicts and vulnerabilities.
- Demonstrate awareness and understanding of stakeholder business requirements, enterprise reference data standards and organizational context throughout project execution.
- Establish processes and controls within the GRC platform to monitor and manage risks across the organization.
- Serve as a key support function for all three lines of defense within the organization. By overseeing GRC platforms for all risk disciplines, the position will ensure that risk management responsibilities are clearly defined and effectively executed across the organization.
Who you are and what you bring
- Bachelor’s degree in accounting, information systems, computer science, or related field.
- Professional certification such as CISSP, CRISC, or CISA is preferred.
- 10+ years of experience in building and updating Segregation of Duties (SOD) rulesets, configuring rulesets in Oracle Fusion’s GRC Access Control tool, and performing SOD risk analysis at the user and role level.
- Knowledge/experience in Oracle Fusion business process inherent configurable controls.
- Knowledge of on-premises and cloud-based application architecture, the differences between them, the advantages and disadvantages of each, and how each one impacts sustainability, performance, and capacity for the GRC solutions.
- Proven experience as a Project Manager, preferably in GRC, or a related domain.
- Self-starter willing to utilize and learn new technology to solve business problems in a fast-paced, dynamic environment.