One of InterEx’s key clients within the financial industry is looking for a GRC Consultant for a full time position.

This position will be 2 days on site in Chicago or Dallas and 3 days remote. Please note, only US citizens or Green-card holders are eligible for this position.

Job Description:

• Development, review and continuous improvement of the Security Services Department policies/procedures
• Recommendation of appropriate reporting frameworks, standards/best practices.
• Assist with remediating regulatory and Internal Audit findings
• Collect data to identify root cause of problems, identifying trends, formulating solutions, and escalating potential issues related to the lifecycle of remediation activities
• Be the POC for Security Services to senior management in Compliance, Internal Audit, Enterprise Risk Management, Legal and the Enterprise Project Management Office.
• Lead development, implementation, review and improvement of right sized management self-testing of controls.
• Lead Information Security Cyber Security Working Group Program efforts.
• Act on Security Services behalf related to compliance matters
• Manage Security Services responses to Third-Party requests and surveys
• Perform ad-hoc duties for Security Governance management as necessary

Experience required:

• Knowledge of regulatory, legal rules & requirements (e.g., SEC, CFTC, Federal Reserve Board, etc.) within IT Security.
• Experience working with frameworks (e.g. NIST CSF, NIST 800-53, CIS 20, COBIT, COSO, ITIL, ISO 27001, CSA CCM, etc.)
• IT and risk management concepts
• IT Security policy, procedure and control writing.
• Basic knowledge of Cloud implementation/Cloud compliance
• Understanding of Systems Development Life Cycle (SDLC) process (Agile) and Secure Software Development Lifecycle.