Position GRC consultant onsite
Position GRC consultant onsite
Posted on :
02-10-2024
Employer Active
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Monthly Salary
Not Disclosed
Salary Not Disclosed
Posted on :
02-10-2024
Job Description
Position GRC consultant (onsite)
Work authorization: any (candidate must be authorized to work in US)
Musthave ss: 710 y of IT Audit exp; 3 y of IT Risk Management exp; 3 y of handson technical exp (e.g. developer system administrator); NIST 80030 Risk essment Standard or PCI DSS standards
PREFERRED : governmental exp business process mapping and doentation
policy and procedure development IT General Controls evaluation and design Information Security threat landscape.
CERTIFICATIONS : CISA CISSP.
Location: Boca Raton FL
PLEASE SEND LOCAL CANDIDATES ONLY (registered and currently located in FL).
Candidates from other locations wont be considered. Relocation is not acceptable
Seniority on the s/s required on this requirement: Sr.
Earliest Start Date: ASAP
Type: Temporary Project
Estimated Duration: 10 months with possible extension (s)
Additional information: The candidate should be able to provide an ID if the interview is requested. The candidate interviewing must be the same individual who will be igned to work with our client.
Requirements:
Availability to work 100% of the time at the Clients site in Boca Raton FL (required);
IT Audit experience (710 years);
IT Risk Management lifecycle experience (3 years);
Handson technical experience e.g. developer system administrator (3 years);
Experience working with NIST 80030 Risk essment Standard;
Experience with IT General Controls evaluation and design;
Experience with PCI DSS standards.
Preferred:
CISA and CISSP certifications
Government experience.
Experience in Information Security with uptodate knowledge of the current threat landscape;
Experience with business process mapping doentation and policy and procedure development.
Responsibilities include but are not limited to the following:
Perform PCI ISO COBIT and applicable State of Florida cybersecurity controlsrelated
reviews to ensure that current new and technology infrastructure complies with these standards and security policies;
Plan and perform IT security controls effectiveness quarterly reviews. Manage remediation efforts for the identified gaps including essment of new or enhanced implemented controls;
Maintain IT security risk and compliance matrix and perform management reporting. This will include IT systems controls and business process risks to meet compliance requirements. Provide risk mitigation strategies;
Maintain IT security risk and compliance matrix and perform management reporting. This will include IT systems controls and business process risks to meet compliance requirements. Provide risk mitigation strategies;
Manage IT security vulnerabilities management program aligned with PCI and NIST standards;
Identify and rank the value sensitivity and criticality of the operations and ets that could be affected should a threat materialize in order to determine which operations and
ets are the most important;
For the most critical and sensitive ets and operations estimating the potential losses or damage that could occur if a threat materializes including recovery costs.
Thank you for your interest in doing business with us.
Also Id like to remind you that as per the executed Letter of Intent your company has certified the following below:
Work authorization: any (candidate must be authorized to work in US)
Musthave ss: 710 y of IT Audit exp; 3 y of IT Risk Management exp; 3 y of handson technical exp (e.g. developer system administrator); NIST 80030 Risk essment Standard or PCI DSS standards
PREFERRED : governmental exp business process mapping and doentation
policy and procedure development IT General Controls evaluation and design Information Security threat landscape.
CERTIFICATIONS : CISA CISSP.
Location: Boca Raton FL
PLEASE SEND LOCAL CANDIDATES ONLY (registered and currently located in FL).
Candidates from other locations wont be considered. Relocation is not acceptable
Seniority on the s/s required on this requirement: Sr.
Earliest Start Date: ASAP
Type: Temporary Project
Estimated Duration: 10 months with possible extension (s)
Additional information: The candidate should be able to provide an ID if the interview is requested. The candidate interviewing must be the same individual who will be igned to work with our client.
Requirements:
Availability to work 100% of the time at the Clients site in Boca Raton FL (required);
IT Audit experience (710 years);
IT Risk Management lifecycle experience (3 years);
Handson technical experience e.g. developer system administrator (3 years);
Experience working with NIST 80030 Risk essment Standard;
Experience with IT General Controls evaluation and design;
Experience with PCI DSS standards.
Preferred:
CISA and CISSP certifications
Government experience.
Experience in Information Security with uptodate knowledge of the current threat landscape;
Experience with business process mapping doentation and policy and procedure development.
Responsibilities include but are not limited to the following:
Perform PCI ISO COBIT and applicable State of Florida cybersecurity controlsrelated
reviews to ensure that current new and technology infrastructure complies with these standards and security policies;
Plan and perform IT security controls effectiveness quarterly reviews. Manage remediation efforts for the identified gaps including essment of new or enhanced implemented controls;
Maintain IT security risk and compliance matrix and perform management reporting. This will include IT systems controls and business process risks to meet compliance requirements. Provide risk mitigation strategies;
Maintain IT security risk and compliance matrix and perform management reporting. This will include IT systems controls and business process risks to meet compliance requirements. Provide risk mitigation strategies;
Manage IT security vulnerabilities management program aligned with PCI and NIST standards;
Identify and rank the value sensitivity and criticality of the operations and ets that could be affected should a threat materialize in order to determine which operations and
ets are the most important;
For the most critical and sensitive ets and operations estimating the potential losses or damage that could occur if a threat materializes including recovery costs.
Thank you for your interest in doing business with us.
Also Id like to remind you that as per the executed Letter of Intent your company has certified the following below:
- The same Candidate that interviews with our Recruiters will be the one who needs to show up at the Clients site.
- The same resume submitted under his/her name will belong to that Candidate appearing in person.
- Resumes and S Matrixes will be completed fully and accurately and reflected in the resume consistently with verifiable work experience and credentials. Resumes cant be edited or customized to fit the job description.
- References will be of past supervisors at the client companies where you had placed your Candidate.
- If you want to submit candidates who are not currently your W2 employees please ensure that you obtain their righttorepresent form prior to sending them to us. We may request this form in the event of a conflict. Our experience shows that such candidates may ask to engage directly claiming that they have no relationship with the vendor presenting them.
- Any Candidate you submit to us to the best of your knowledge is ready to take the job and remain on it for the duration of the project.
- You will inform us immediately if a Candidate you submitted to us is hired or in advanced negotiations to be hired by another Client to limit the damage to our client and our relationship.
Employment Type
Full Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
