The GRC Podcast

Bridging the Gap between GRC and Security Engineering with Jeevan Singh

Oct 25, 2023

Join the discussion on bridging the gap between Governance, Risk, and Compliance (GRC) and security engineering with insights from Jeevan Singh. Learn about the pivotal roles of active listening, clear communication, mentorship, and collaboration. Gain valuable perspectives on rotational programs, vendor security assessments, threat modeling, diversity in security, and the evolving landscape of GRC.

01:01:49

Episode guests

Jeevan Singh

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Active listening and clear communication crucial for harmonizing GRC and security engineering.

Security engineers focus on scalability, empathy, and problem-solving for creating secure solutions.

Automation enhances GRC processes, but human interaction remains vital for effective collaboration.

Deep dives

Importance of Collaboration Between GRC and Security Engineering

Establishing strong collaboration between GRC and security engineering is essential for organizational efficiency. By fostering genuine care and support for team members, security leaders can build a collaborative culture that leads to program success. Active listening, clear communication, and mentorship play pivotal roles in achieving a harmonious relationship between GRC professionals and security engineers.

Introduction

2min

Security Engineering and Collaboration with GRC

11min

Streamlining Collaboration between GRC and Security Engineering

17min

Effective Communication Strategies for Information Security Initiatives in Large Organizations

2min

Effective Collaboration Between GRC Teams and Security Engineering

23min

Transition to a Paid Format and Threat Modeling Importance

5min

Building Strong Relationships Between GRC and Security Engineering Teams

2min

Want to discover the key to bridging the gap between Governance, Risk, and Ever wondered about the bridge between Governance, Risk, and Compliance (GRC) and security engineering? Enter Jeevan Singh, Senior Staff Security Engineer at Rippling. Through his journey, Jeevan highlights the pivotal roles of active listening, clear communication, and mentorship. These are the tools that harmonize the objectives of GRC and security engineering, facets of the same coin that can occasionally clash within organizations.

Our conversation emphasizes the essence of collaboration in molding a unified culture. Drawing from Jeevan's successes, understand the depth of his rotational programs. They're not just about letting engineers touch various security domains but about teaching them to empathize, not just understand. As we venture further, Jeevan shares his perspective on the evolving landscape of GRC, especially with the emergence of workflow engineers adept at bridging team divides. A moment of reflection is also essential; we turn the lens inward, recognizing the unintentional challenges we might pose for our peers and exploring pathways to alleviate them with enhanced communication and clear documentation.

We end the conversation with Jeevan guiding us through the nuances of vendor security assessments comparing the roles of GRC and Security Engineers in the process, discussing the pivotal role of threat modeling, and the undeniable importance of diversity in sculpting a resilient security culture.

Join us on this enlightening exploration.

For show notes, please visit The GRC Podcast website.

Sign up for our Bi-Weekly Newsletter