GRC Specialist

Other | Remote, Pristina, Albania


Description

Location: Kosovo

Our Story:
Litera, headquartered in Chicago, IL, is a fast-growing software company and one of the leading legal technology suppliers in the world. Serving more than 90% of the world's largest law firms, our software is used by hundreds of thousands of lawyers every day. As a company recognized as one of the best places to work, we believe professional development, rewards programs, open communication, and transparent leadership all contribute to a unique and open work environment. Our employees are driven, energetic, passionate, and have the ability to make a direct impact on the future of the company.

Litera is looking for a GRC Specialist to join our Kosovo team. This is an entry-level role within the GRC team that would be ideal for a new college graduate or someone with 2+ years’ experience participating in customer security assessments and other forms of security and compliance oversight. This role will report to the Manager, GRC and support Litera's Information Security Management System, compliance and risk reduction initiatives.

What You'll Be Doing
Specific

  • Respond to customer security and compliance audits/assessments, following up with SMEs as required
  • Maintain a central repository of customer security and compliance questions and projects
  • Monitor the security and compliance queue for incoming customer requests (security evaluations or questions), ensuring that a ticket is created for all requests
  • Provide weekly stats on new customer security evaluations
  • Other projects as assigned

General

  • Assist in the management and maintenance of Litera’s Information Security Management System (ISMS) to advance the business’s compliance accreditations such as ISO 27001 and SOC 2
  • Advise the Manager, GRC immediately of any blockers to achieving personal, team or company objectives
  • Contribute to the GRC team process documentation

What You Bring

  • Working knowledge of Information Security Management Systems (ISMS) and the ISO 27001 standard
  • Understanding of cloud security and third-party security risks
  • Knowledge of regulatory compliance and privacy standards including GDPR and related sensitive data types
  • Two plus years’ experience participating in audits, assessments, and other forms of security and compliance oversight
  • Understanding of the differences and relationships between security, risk, compliance, and privacy principles
  • Experience with using GRC tools for internal use and in managing third-party risk
  • Strong initiative, a proactive and enthusiastic attitude, and the drive and desire to learn continuously
  • Comfort with change and a fast-paced environment
  • Relentless attention to detail
  • Analytical thinking


Success Criteria in this Role

  • Requires minimal supervision for tasks assigned
  • Prioritizes work to meet deadlines
  • Maintain playbook for GRC standard operating procedures
  • Maintain repository of standard responses for customer compliance assessments
  • Respond to customer security assessment questionnaires quickly and accurately

What Sets Us Apart?

  • Work with a team that has a proven track record.
  • Our company's growth will challenge and encourage you to broaden your skills.
  • Generous allocation of paid time off, and flexible work hours.
  • Available merit-based cash bonus plan.
  • Comprehensive medical coverage and Employee Assistance Program
  • Many opportunities for rewards and recognition