Cloud GRC Analyst

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

High Level Roles & Responsibilities include -

• Support the Senior Consultants to establish strong professional relationships and partner with first, second & third lines of defense teams to execute audits and minimize risk to the Cloud environment.
• Support the Senior Consultants to reduce complexities for Cloud control owners and improve attestation experience.
• Support the Senior Consultants to assess the impact of enterprise Policies, Frameworks and Directives on Cloud controls, audit readiness and results.
• Support the Senior Consultants in designing, developing and implementing a holistic Cloud governance framework that aligns with Sun Life requirements and applicable industry frameworks such as CSA CCM, NIST, SOX, SOC, ISO series, COSO, as well as regulatory standards.  
• Partner with Cloud, Privacy, Data and Analytics, Security, Risk and Crisis Management teams to ensure adherence to relevant regulatory and contractual obligations.
• Support subject matter experts (SMEs) to provide responses to Client and regulatory requests for information that are applicable to the Cloud environment.
• Support the Senior Consultants to design, develop and implement a holistic framework that aligns with enterprise requirements, industry frameworks and regulatory standards.
• Advocate for 'security & compliance by design' principles.
• Support the Senior Consultants in the effort to optimize Cloud controls register with clear metrics and relevant dashboards (using data analytics capabilities) for executive reports.

Eligibility & Functional Competencies

• In-depth knowledge of internationally recognized standards and frameworks such as ISO series, NIST, CSA, COSO, etc.
• Solid understanding of Cloud models, Cloud-Native Application Protection Platform (CNAPP), risk management taxonomy, control frameworks and compliance practices.
• Ability to work collaboratively with cross-functional teams and partner with stakeholders.
• Strong verbal and written communication skills to interact with colleagues, communicate with executives and business stakeholders.
• Knowledge in managing Cloud audits, risks and controls at an enterprise scale.
• Knowledge of project management methodology, agile delivery, JIRA & Confluence.
• Relevant university degree and willingness to upskill, as required.
• Relevant designations/certifications (e.g. CISA, CIA, CCSP, CCSK, CISSP, CISM, CRISC).
• Demonstrated experience in developing, improving and optimizing processes, in accordance with best practices.

Competencies (Behavioral)

• Excellent verbal and written communication skills, with strong interpersonal skills
• Self-motivated and independent
• Analytical thinker with strong conceptual and problem-solving skills
• Experience in managing change in a cross-functional environment and operate effectively under pressure
• Ability to resolve issues creatively, effect change, and execute in an accelerated manner
• Excellent planning and organization skills and the ability to deal with complex issues
• Experience working in a client-facing, matrix, project-based assignments
• Maintain knowledge currency (trends and business/operating models) and an understanding of the digital business paradigm at a business level

Job Category:

Risk Management

Posting End Date:

29/04/2025