GRC Security Consultant (Governance, Risk and Compliance) - Freelance [Remote] - Braintrust

Listing Description


  • JOB TYPE: Freelance, Contract Position (no agencies/C2C - see notes below)

  • LOCATION: Remote - United States only (TimeZone: EST | Partial overlap)

  • HOURLY RANGE: Our client is looking to pay $115 – $125/hr

  • ESTIMATED DURATION: 40h/week - Long term


THE OPPORTUNITY




Start date: ASAP


This is a 6 month contract opportunity with the possibility of converting into an FTE.


 


The Security Consultant role is a client-focused position that works with the company's clients to develop a comprehensive security program. The responsibilities of our client's GRC Security Consultants include planning, implementing, and monitoring various security control frameworks. The GRC Security Consultant will be part of a select group of industry-recognized experts and will work on unique security solutions associated with next-generation technologies and emerging security threats. Ongoing training and professional certifications are part of the job requirements.


 


Skillsets 




  • Knowledge of industry standards such as NIST 800-53, NIST CSF, NIST 1800-23, DFARS and CMMC, NYS DFS, NYS Shield Act, HIPAA, NYS DOH OHIP SSP, NERC CIP, GDPR, PCI-DSS, CIS CSC.




  • Demonstrated standards assessment experience




  • General knowledge of IT consulting, control implementation and optimization, along with auditing security domains such as identity and access management, data encryption, application security, firewall auditing, vulnerability management and reporting, and asset management




  • Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments




  • Experience developing security analysis documentation and recommended remediation actions




  • General knowledge of network topologies, security architectures, security solutions, tools, and IT Policies and standards




  • Experience with interfacing and presenting to C-level executives






 


Requirements




  • Proven collaborator




  • Takes ownership of the project, tasks, and client deliverables




  • Ability to prioritize effectively and handle shifting priorities professionally




  • Exemplary written and verbal communication skills




  • Produce and review reports to support project deliverables




  • Create clearly stated remediation recommendations based on industry best practice




  • Successfully interface with clients (internal and external)




  • Document and explain technical details in a concise, clear manner




  • Comfortable with public speaking in front of an audience




  • Manage personal schedule, project tasks, and team deliverables




  • Participate in pre-sales calls and write consulting proposals and statements of work




  • Assist the Sales team in presenting proposals and closing sales opportunities




  • Provide weekly time accounting and monthly expense reports




  • Occasional travel as required by client engagement




Certifications




  • CISSP, required 




  • CISM and CISA, desired.




 


Responsibilities




  • Develop client GRC programs and System Security Plans




  • Conduct compliance assessments of controls for in-scope systems, including remediation assessments and audit-readiness assessments




  • Facilitate security compliance gap analysis workshops




  • Coordinate organizational remediation efforts based on the plan of action and milestones, which is derived from the gap analysis workshops




  • Partner with technical teams, advising both on applicable control requirements and potential solutions to address them




  • Collaborate with client security, IT, and business teams to streamline security process and procedure development




  • Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence




  • Drive remediation activities with stakeholders, including developing remediation plans, tracking, and reporting remediation progress




  • Support evidence collection and documentation for internal and external audits




  • Perform continuous monitoring activities and track control health metrics




  • Develop and manage internal GRC initiatives




  • Stay up to date and proactively informed on developing regulatory concerns and evolving compliance control solutions




  • Report on security operations to client leadership teams in terms of risk and compliance




  • Work with our client's team to provide evidence at time of external client audits




  • Participate in security and compliance testing of client infrastructure




 


What you’ll be working on




 


Our client is an IT consulting and services organization that specializes in cybersecurity, compliance, cloud, data, and application development. They work with businesses all over the world to reach their goals. Basically, they use technology to help businesses grow. Cool, right?


A global company with offices in 3 countries and over 350 employees around the globe, they strive to stay true to their roots: trust, accountability, creativity, community, and collaboration.


Their culture underpins everything they do. In fact, they’re a Certified Great Place to Work. They’re looking for people who share their values, have passion for technology, and will make an impact on their clients’ lives and their communities.


So, here’s a bit about what it’s like to work at the company:




  • Focus on learning. Their team has an exceptionally wide breadth of expertise across the IT spectrum. You will learn about other areas of the industry by being immersed with their technology experts. 




  • They embrace change. They believe that when creativity is fused with technology in just the right way, amazing things can happen. World-changing things. They foster a creative and collaborative environment for employees and their teams.




If you're excited by the thought of working for a company like that, they want to hear from you!






Braintrust Job ID: 6664


 





About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.
