GRC Consultant (Cybersecurity)

Position: GRC Consultant (Cybersecurity)
Location: United States
Type: Full Time

One of InterEx’s key clients within the financial industry is looking for a GRC Consultant for a full-time position.

This position will be 2 days on site in Chicago or Dallas and 3 days remote. Please note, only US citizens or Green-card holders are eligible for this position.

Job Description:

  • Development, review and continuous improvement of the Security Services Department policies/procedures
  • Recommendation of appropriate reporting frameworks, standards/best practices.
  • Assist with remediating regulatory and Internal Audit findings
  • Collect data to identify root causes of problems, identify trends, formulate solutions, and escalate potential issues related to the lifecycle of remediation activities
  • Be the POC for Security Services to senior management in Compliance, Internal Audit, Enterprise Risk Management, Legal and the Enterprise Project Management Office.
  • Lead development, implementation, review and improvement of right-sized management self-testing of controls.
  • Lead Information Security Cyber Security Working Group Program efforts.
  • Act on Security Services' behalf in compliance matters
  • Manage Security Services responses to Third-Party requests and surveys
  • Perform ad-hoc duties for Security Governance management as necessary

Experience required:

  • Knowledge of regulatory, legal rules & requirements (e.g., SEC, CFTC, Federal Reserve Board, etc.) within IT Security.
  • Experience working with frameworks (e.g. NIST CSF, NIST 800-53, CIS 20, COBIT, COSO, ITIL, ISO 27001, CSA CCM, etc.)
  • IT and risk management concepts
  • IT Security policy, procedure and control writing.
  • Basic knowledge of Cloud implementation/Cloud compliance
  • Understanding of Systems Development Life Cycle (SDLC) process (Agile) and Secure Software Development Lifecycle.