Principal GRC Consultant (Remote)

Posted: 2 days ago | Location: United States | Salary: undisclosed

Job Description

You will serve as a senior team lead for Governance, Risk and Compliance Consulting and Advisory Services, focusing on large-scale security programs. This position requires security and management experience as well as a strong understanding of security frameworks and compliance controls.

You will lead the operationalization of security compliance programs to support the various compliance regulations that the client needs to comply with, and lead a team of security risk assessment specialists who perform risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.

Job description
  • Being a security management "ambassador" to both internal and external customers.
  • Responsible for working with sales to appropriately scope and manage client engagements.
  • Providing guidance and leadership to other risk management team members.
  • Managing engagements: supporting delivery, providing direction for team members, and managing other aspects of the engagement project.
  • Responsible for mentoring and leadership for the team.
Minimum Qualifications
  • Bachelor's degree or four or more years of work experience.
  • Six or more years of relevant work experience.
  • Experience in security governance, risk assessments and regulatory/controls.
  • CISSP, CISM or CISA certification.
  • Experience with the security and privacy controls environment, regulatory landscape and risk management techniques, principles and practices.
  • Experience with and knowledge of the development and implementation of information security policies, standards and related procedures for security programs.

Even better if you have:

  • Ability to assess clients against a wide variety of security and compliance frameworks, including state-based privacy and security regulations, SOX, GDPR, NIST-CSF, ISO 27001/2.
  • Ability to provide risk-based recommendations based upon the size and complexity of the client's organization.
  • Strong business development capabilities.
  • Strong presentation skills with the ability to convey ideas at the C-level.
  • Proven investigative and analysis skills with the demonstrated ability to handle confidential information.
  • Willingness to travel.
- provided by Dice