One of InterEx’s key clients within the financial industry is looking for a GRC Consultant for a full-time position.
This position will be 2 days on site in Chicago or Dallas and 3 days remote. Please note, only US citizens or Green-card holders are eligible for this position.
Job Description:
- Development, review and continuous improvement of the Security Services Department policies/procedures
- Recommendation of appropriate reporting frameworks, standards/best practices.
- Assist with remediating regulatory and Internal Audit findings
- Collect data to identify the root cause of problems, identify trends, formulate solutions, and escalate potential issues related to the lifecycle of remediation activities
- Be the POC for Security Services to senior management in Compliance, Internal Audit, Enterprise Risk Management, Legal and the Enterprise Project Management Office.
- Lead development, implementation, review and improvement of right-sized management self-testing of controls.
- Lead Information Security Cyber Security Working Group Program efforts.
- Act on Security Services' behalf in compliance matters
- Manage Security Services responses to Third-Party requests and surveys
- Perform ad-hoc duties for Security Governance management as necessary
Experience required:
- Knowledge of regulatory and legal rules and requirements (e.g., SEC, CFTC, Federal Reserve Board) within IT Security.
- Experience working with frameworks (e.g. NIST CSF, NIST 800-53, CIS 20, COBIT, COSO, ITIL, ISO 27001, CSA CCM, etc.)
- IT and risk management concepts
- IT Security policy, procedure and control writing.
- Basic knowledge of Cloud implementation/Cloud compliance
- Understanding of the Systems Development Life Cycle (SDLC) process (Agile) and the Secure Software Development Lifecycle.