GRC Consultant
- Country: United States
- Region: Illinois
Role: - GRC Consultant
Location: - Bloomington, IL --Day 1 Onsite (No Flexibility)
Job Description: -
· Security Compliance
· Required to have excellent understanding of the IT Control framework, in
particular risk assessment and control selection
· Working experience in any two of the compliance programs (PCI DSS,HIPPA,ISO
27001,SOC2, SOX,NIST,FISMA,COBIT)
· Understand the client requirements and ensure the implementation and
effectiveness of the required controls.
· Lead teams and efforts to ensure effective execution of periodic risk
assessments and drive integration of remediation efforts with the risk
management process
· Partner with service delivery leadership to both communicate and manage risk
in delivery to an acceptable level
· Partner with delivery team to increase the level of awareness of compliance
with policy and process
· Lead and perform activities to help measure and monitor compliance with
contractual security requirements, company policies and procedures to ensure
the account is compliant and audit ready
· Lead different compliance & audit testing programs and support successful
completion of various external compliance certification programs and internal
compliance assessments
· Proven ability to lead small teams dedicated to the performance of risk
management and assessment responsibilities.
· Ability to provide effective management of junior employees.
Develops and provides appropriate guidance on solutions to mitigate risks and
enhance system security
· Coordinate with other representatives to build out world class compliance
program components to include processes, procedures, and technologies.
· Deep understanding of privacy and business continuity requirements and
support R&C Privacy and BCM teams in execution of their respective program
· Demonstrates ability to work in virtual team with help of tools and
technologies
· Demonstrates ability to handle conflicting situation & should have strong
verbal, written communication & analytical skills
· Must have systematic and pragmatic approach to problem solving
· Demonstrates good inter-personal skills, high standards of professional
behavior in dealings with business customers, colleagues, and staff
· Have a good technical awareness and the aptitude to remain up to date with
information security and IT developments
· Ability to communicate Risk to non IT business owners and support function
such as HR, GWS,Physical Security, Legal, Contracting and others
· Ability to communicate risk at all levels of management up to and including
C-Level executives.
Translate business, industry, and regulatory requirements into information
security objectives and associated tactical/strategic information security
initiatives
· Certification such as CISA/CISSP/CISM /CRISC/ CGEIT/ISO27001 or any other
security related certifications are preferred.
Reference : GRC Consultant jobs