As a Sr. Cyber Security GRC Specialist, you will partner with Cyber Security, IT, compliance, and business stakeholders to help measure adherence to Bayer policies and procedures aligned to industry standards; assess the effectiveness of security and compliance processes; track key IT security deliverables; and contribute to audit readiness.

Your tasks and responsibilities will include:

• Supporting Cyber Security risk management activities to identify, assess, and help mitigate risks, including contributing to the operation and continuous improvement of the Cyber Security framework;
• Developing and maintaining key performance indicators (KPIs), dashboards, and metrics to measure the effectiveness of initiatives;
• Collaborating with cross-functional teams to help integrate Cyber Security assurance principles into business processes and systems;
• Providing guidance and day-to-day support across the organisation on Cyber Security assurance topics, following established standards and practices;
• Monitoring regulatory changes and industry trends and summarising impacts to policies, controls, and risk posture;
• Coordinating evidence collection and responding to auditor inquiries in partnership with control owners and subject matter experts;
• Contributing to strategic initiatives by supporting planning, tracking milestones, and producing high-quality deliverables;
• Supporting continuous improvement of the data classification framework that categorises data based on sensitivity and risk;
• Partnering with stakeholders at all levels of the organisation to help ensure appropriate classification of data assets across the organisation;
• Assisting with periodic reviews and updates to classification policies to align with regulatory changes and business needs;
• Supporting identification and management of the organisation's critical data assets ('crown jewels');
• Helping implement and maintain security requirements and protection measures for high-value data assets in partnership with relevant teams;
• Participating in assessments and control reviews related to crown jewel data to support compliance with security standards;
• Supporting data discovery and inventory activities to improve visibility of data assets across the organisation;
• Utilising data discovery tools and techniques to help identify sensitive data and its locations;
• Maintaining an up-to-date inventory of data assets, including classification and documented protection measures;
• Working closely with IT, compliance, and legal teams to help ensure alignment on data protection requirements and implementation plans;
• Serving as a point of contact for data security inquiries by triaging requests and connecting teams with the right standards, processes, and subject matter experts;
• Promoting strong collaboration and alignment with broader GRC capabilities and ways of working.

The primary location for this role will be Creve Coeur, MO (St. Louis, MO metro area).

If you're interested in this opportunity, please submit your application.

XML job scraping automation by YubHub