GRC Advisory Consultant
Posted 2025-04-06Description
Client is looking to expand the Governance, Risk and Compliance Security Consulting Practice. Successful candidates will provide our clients with guidance pertaining to security and privacy regulatory and industry standard requirements, security risk assessments, and GRC consulting...
Key Job Responsibilities Will Include
 Leading vendor risk management engagements and formalized risk analysis engagements.
 Lead and guide information risk and security discussions with technical and non-technical groups
 Identify enterprise information security and compliance related problems and challenges; research and develop technical solutions to rectify them
 Develop and operationalize enterprise information security programs and related components
 Analyze client security programs for maturity and performance relating to industry accepted best practices.
 Develop recommendations for remediating risk and compliance gaps
 Evaluate information security risk in for business environment controls and industry requirements
 Provide client guidance for information security best practices.
 Follow standard methodologies for evaluating industry security controls based on formulized security frameworks.
 Execute in high demanding, fast paced environments with tight deadlines.
 Draft deliverable documentation to meet client security needs
 Create security roadmaps for client security program development and improvement.
Required Qualifications
 BA/BS in information technology or related field preferred
 5-7 years of experience in security governance, risk assessments and regulatory/controls experience
 CISM, or CISA certification a plus
 Solid understanding of the evolving security and privacy controls environment, regulatory landscape and risk management techniques, principles and practices
 CISSP certification
 Assess clients against a wide variety of security and compliance frameworks including State based privacy and security regulations, SOX, GDPR, NIST-CSF, ISO/27001/2
 Experience and firm understanding of the development and implementation of information security policies, standards and related procedures for security programs
 Ability to provide risk-based recommendations based upon the size and complexity of the client's organization
 Strong interpersonal and customer relationship skills
 Strong presentation skills with ability to convey ideas at the C-Level.
 Written communication skills for use in preparing formal documentation including deliverables, Statements of Work, proposals, white papers, and case studies
 Verbal skills that include the ability to clearly articulate thoughts, be persuasive and to deliver presentation and training to all levels of management
 Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action
 Ability to interface with C-levels, as well as tactical implementers
 Strong investigative and analysis skills with the ability to handle confidential information
Additional Qualifications
 Consulting experience is a plus
 Privacy experience a plus
 Understanding of available security tools and technologies
 Experience with Archer, OneTrust, Alyne or similar software
Apply Job!