full-time part-time employee contract
What you'll do...
H&R Block GRC Team Lead
H&R Block is seeking a highly motivated leader to join our Information Security Governance, Risk, & Compliance (GRC) Team. The position will serve as the primary point of contact for our governance efforts as well as supporting the growth of our risk management practices. The ideal candidate will be a self-motivated and driven people leader who possesses a passion for details and a thorough understanding of governance concepts, particularly as they related to Microsoft Azure.
Partner with other members of our GRC Team to develop positive relationships and serve as a highly professional representative to both internal and external customers.
Drive the maturation of the H&R Block Cloud Governance Program including:
Development of Azure specific governance standards to meet regulatory requirements and risk-based objectives
Evaluation of new Azure resources to determine appropriate controls
Timely and appropriate reporting on Azure governance efforts
Drive the maturation of the H&R Block Enterprise Information Security Policy Program including:
Identification of needed policies, standards, and guidelines
Development and maintenance of robust, high-quality, information security policies, standards, and guidelines.
Delivery of periodic policy attestation campaigns
Conduct regular policy lifecycle reviews and revisions
Maintain and mature the existing GRC Team document library.
Support the completion of comprehensive risk assessments of business and technology sponsored projects and initiatives, including engagements with third parties.
Establish and cultivate relationships by interacting with all levels of the organization to ensure activities are understood and completed appropriately.
Support, communicate, and reinforce the mission, values, philosophy, and culture of the GRC Team, Information Security Team, and H&R Block.
About H&R Block...
We're here to live our purpose—to provide help and inspire confidence in our clients and communities everywhere. We take our work personally, because we know what it represents: Families and homes. Livelihoods and lives.
We've been true to that purpose since brothers Henry and Richard Bloch founded our company in 1955. Since then, we've grown to approximately 12,000 tax offices throughout the United States and around the world. When you join our team, you'll add to the momentum of a forward-thinking company—one that defined an industry and is now leading its transformation.
It would be even better if you also had...
Familiarity with Factor Analysis of Information Risk (FAIR) methodology for quantitative risk analysis
Master's Degree in related field.
Experience with the OnSpring Platform.
Project/Program management knowledge certification and/or experience.
Knowledge of DevOps or DevSecOps
What you'll bring to the team...
At least 3 years of experience managing Microsoft Azure security capabilities
Deep understanding of information security discipline with at least 5 years of experience in a security related profession
Bachelor's degree in a related discipline or equivalent knowledge.
Familiarity with CIS and NIST frameworks.
Demonstrated, in-depth, understanding of governance concepts including how they are translated and implemented in Microsoft Azure
In-depth knowledge and understanding of Azure security concepts and capabilities as they relate to applicable regulations and frameworks (NIST, SOX, CIS, PCI, CCPA, GDPR, STIGS, NIST, etc.).
Excellent people leader skills, with demonstrated experience leading both technical SMEs and mentoring junior-level personnel.
Proven ability to take initiative, work independently, and effectively organize multiple work streams.
Strong ability to build and maintain effective partnerships with internal and external customers.
High level of verbal and written communications skills, including translating technical details to business terms.
Strong analytical and problem-solving skills with the ability to think and adapt quickly.
Ability to learn quickly and take on new responsibilities as the team evolves.