Role Summary
The Security Strategy and Execution Specialist plays a key role in supporting the operational execution of the Information Security team's governance, risk, and compliance (GRC) functions. This role is responsible for coordinating internal initiatives, managing issue tracking processes, supporting executive-level reporting, and enabling consistent delivery of metrics and key risk indicators (KRIs).
The individual will work closely with GRC team members and stakeholders across the organization to ensure timely and accurate execution of security-related deliverables.
Core Responsibilities
- Own the monthly development and delivery of board-level and executive security presentations.
- Maintain and manage issue tracking workflows, ensuring timely updates and resolution across InfoSec and business units.
- Coordinate internal security initiatives and cross-functional efforts, driving alignment and accountability.
- Support the collection, analysis, and reporting of security metrics and key risk indicators (KRIs).
- Maintain documentation and dashboards to support transparency and operational reporting.
- Collaborate with GRC team members to support compliance, risk management, and audit readiness activities.
- Facilitate communication between InfoSec leadership and internal stakeholders to ensure clarity and progress on strategic initiatives.
Required Qualifications
- Demonstrated experience in operations, coordination, or reporting within a security, risk, or compliance environment.
- Strong organizational and communication skills with a focus on execution and attention to detail.
- Familiarity with GRC frameworks such as PCI DSS, NIST CSF, ISO 27001, or CIS Controls.
- Ability to manage multiple priorities and deliverables in a dynamic environment.
- Proficiency in Microsoft Office Suite, especially PowerPoint and Excel.
- Experience with collaboration tools such as Confluence, Jira, or SharePoint.
Preferred Qualifications
- Experience with data visualization tools (e.g., Power BI, Tableau).
- Understanding of risk management and compliance processes.
- Background in cybersecurity or information security operations.