Senior GRC Consultant

InfoSec Hires - Tampa, FL

Senior GRC Consultant

Company Description:

Our client is fundamentally different from most Cybersecurity providers. They address clients’ risk from a business strategy first and cyber-technologies second. This methodology ensures their clients’ technical and non-technical leadership can make unbiased strategic decisions that positively impact the entire organization.

As one of the few solely dedicated full-service Cybersecurity and Governance, Risk & Compliance (GRC) firms, our client provides companies with a single trusted source for all cybersecurity and compliance products, solutions, and managed services. Regulatory Compliance and Cybersecurity is not a part of what they do. It is their sole focus.

Requirements and Expectations:

3+ years’ client-facing experience with the following:

    • Perform and manage assessments against information security frameworks
    • Be an expert in two or more assessment types, including but not limited to: ISO 27000 series, HIPAA and HITRUST, NIST, SOC2, Privacy.
    • Perform and manage assessments including but not limited to: sampling, risk management, maturity scoring and strategic/tactical scoring.
    • Perform and manage assessments including planning, scheduling, interviews, observations, technical testing, site visits, documentation review, reporting and quality assurance.
    • Handle all aspects of engagement work in an expert manner, including: time management, issue management, organization and proactive communication.
    • Perform technical validation activities in an expert manner in accordance with information security frameworks, including but not limited to: routers, firewalls, wireless devices, and IDS/IPS configurations, network architecture designs, log data and SIEM configuration, anti-virus implementations, server and workstation configurations, encryption solutions and key management, database schema and table design, access control systems and user accounts, FIM, vulnerability management and penetration testing results, etc.
    • Develop and/or review policies, standards, processes and procedures
    • Assist with the development and training of Associate Consultants and Security Consultants.
    • Provide ideas and solutions for the improvement of programs, methodologies, processes and procedures.


Posted On: Tuesday, March 3, 2020



Apply to this job
or