GRC consultant

JD

Exp : 1-3

Looking for candidates to join with 15-30 days

• Track and ensure adequate and timely resolution to all audit and risk assessment findings or issues relating to information security and never miss a deadline.
• Effectively and appropriately communicate audit engagement reports and recommendations to client management and resolve any client concerns or questions.
• Ensure 100% certification success rate on ISMS projects.
• Grow into a role with increasing responsibility.
• Significant experience leading information security audits with a preference for IS0 27001 and SOC 2 audits or assessments.
• Experience in leading or knowledge with implementations.
• Experience authoring policies and procedures.
• Significant experience working as a consultant working in a consulting firm
• Significant knowledge of ISO 27001 / 2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is around an ISO 27001 Information Security Management System.
• Solid knowledge of the NIST 800-171 / FISMA framework and is derivatives (e.g., Fed RAMP, CMS Information Security Program) as many of our clients serve government customers.
• Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable.
• Experience and knowledge with Governance, Risk Management and Compliance.
• Experience with the my riad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP).
• Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO 27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP).
• Familiarity with related standards (e.g., SSAE-16 SOC1,

SOC2, ISO-22301, ISO-9001).

If interested kindly share your resume at [HIDDEN TEXT]

Show more

Show less

Skills Required

Ceh, Hipaa, Cisa, SOC2, Mcse, Iso 27001, Oscp, Cissp, Sox