Information and Cyber Security GRC Tool Product Manager

Job Description

Job title: Information and Cyber Security GRC Tool Product Manager

Company: Willis Towers Watson

Job description: WTW’s Information & Cyber Security (ICS) team have a newly create opportunity as GRC Tool Product Manager, to support in leveraging functionality of our recently implemented GRC tool and managing continuous improvements of its development.

This role is aligned to our hybrid workstyle, predominantly based from home with occasional travel to WTW offices.

The Role

This role will support the maintenance and operation of all ICS GRC processes within the tool and will therefore include activities such as:

• Planning and prioritization of GRC tool development and features (requirements) backlog.
• Assess value, develop business cases, to ensure work aligns to overall ICS strategy.
• Lead the release plans for delivery of new functionalities.
• Working closely with our WTW Enterprise Risk Management (ERM) partners to ensure alignment to ERM processes.
• Map and maintain relevant user journey flows and processes.
• Perform quality assurance to ensure standards are maintained in using the GRC tool.
• Develop and maintain user training manuals.
• Provide training to end users.
• Manage user access to the GRC tool.
• Establish reporting of progress GRC implementation phases including budget management.

The Requirements

Skills:

• Knowledge and experience of Governance, Risk and Controls framework and related processes.
• Knowledge of GRC tools is essential, but experience of one specific product is not required. Examples include Riskonnect, Archer, OneTrust, LogicGate etc.
• Experience of implementations using Agile approach and practices.
• Experience of risk and issue management.
• Detail-oriented and capable of delivering at a high level of accuracy.
• Experience of analysing reporting submissions for completeness and accuracy, and addressing areas of concern with contributors.
• Proven ability to prioritise conflicting deadlines and priorities, and respond quickly to changing priorities.
• Able to elicit the required information from a range of stakeholders within a given timeframe.
• Able to interpret & present data and information in the appropriate format for different audiences.
• Knowledge and understanding of Information Security Frameworks and standards (FFIEC, NIST, ISO etc).
• Experience of working in a live operational environment with an understanding of the impact of policy adherence is desirable.

Qualifications:

• Educated to degree level or equivalent.
• Hold professional qualifications in a related subject for example, CRISC, CISSP, CISM, CISA.
• 2 years + experience in product management role (preferably within an information and cyber security function).
• Experience of working within a global financial organisation.

Behaviours:

• Resourcefulness and organizational agility.
• Global team player with good interpersonal and influencing skills.
• Conflict management resolution (options analysis).
• Customer focus, integrity and trust.
• Personal learning & development.

At WTW, we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we operate in and to build a culture of inclusivity that makes colleagues feel welcome, valued and empowered to bring their whole selves to work every day. We are an equal opportunity employer committed to fostering an inclusive work environment throughout our organisation. We embrace all types of diversity.

Expected salary:

Location: London

Job date: Wed, 15 Nov 2023 05:02:44 GMT

Apply for the job now!