Job Title: Security Track Consultant
Location: New Jersey
Job Description
The GRC Consultant/SME
At least 5-8 years of GRC experience, preferably in ERM.
Desired Role
- Work as first point of contact for Information Security, Risk, Compliance, Data Privacy, Business Continuity and Technology related requirements.
- Oversee and manage security and compliance issues of process/account to adhere to the client requirements.
- Maintain Framework and Related Policies
- Coordinate development and implementation of the security and risk program.
- Perform reviews on audit controls and measurements and conduct Risk Assessments to ensure correct practices are established and adhered to.
- Ensure Risk Remediation and Exception are done appropriately in compilation with CRO and Business Leads
- Liaise with Business Unit for Risk management activities
- Report at predefined intervals to the appropriate stakeholders on the status of compliance program.
- Respond appropriately to Business Chief Risk Office Team
To qualify for the role you must have:
- Experience in delivering GRC technology enablement services using Industry Leading GRC/IRM platforms
- Experience in Risk Management, Audit Management, Business Continuity and other risk management processes.
- Remain current on new developments in GRC technology implementation services capabilities and industry knowledge.
- Experience in tools like ServiceNow, Archer, MetricStream; CIS certification in GRC/IRM suite (Risk and Compliance, Vendor Risk Management, Oprisk etc.)
- Strong understanding of compliance and risk management processes.
- Good operational hands-on experience in GRC Function
- Strong analytical, interpersonal, communication, writing and presentation skills.
- Demonstrates integrity, values, principles and work ethic.
- Good knowledge of Information Security Management System and Audits
- Experience in implementing/ facilitating audits for ISO 27001:2005/ SOC1 Type2 (SSAE)/ PCI
- Knowledge of NIST, CIS, HIPAA, Data Privacy (DPA, GDPR)
- Proficiency in Stakeholder management and senior leadership communication/reporting
- Proficiency in Client engagement and Risk communication with Leadership
- Establish value added analytics and initiatives within the function.
- Drive and Measure Key Risk metrics.
- Self-driven with project management skills to lead internal projects and be the face for the function at an account / location level.
Qualifications
- Bachelor's degree in computer science, information security or related field.
- Preferred: Certified: ISO 27001:2005, ISO 22301, PCI DSS, IT/Network Security CCNA
- Desired: CISA / CRISC / CISSP/ CISM
- Proficiency with MS Excel/VB/PowerPoint
GRC,NIST,CIS,HIPAA