Job Description
Role: GRC, CyberSecurity Consultant
Duration: Contract
Work location : Louisville, KY (Permanent remote)
Description : The Security Consultant determines security requirements by evaluating business strategies and requirements. The Security Consultant work assignments are varied and frequently require interpretation and independent determination of the appropriate courses of action. Understands department, segment, and organizational strategy and operating objectives, including their linkages to related areas. Makes decisions regarding own work methods, occasionally in ambiguous situations, and requires minimal direction and receives guidance where needed. Follows established guidelines/procedures.
The Security Consultant will assist in developing the Third Party Continuous Monitoring Capability for Third-Party Cyber Risk (TPCRM) team. The Security Consultant identifies third party connections and security risk by evaluating network and security technologies; developing security requirements for third party onboarding, monitoring and offboarding; adhering to industry standards. This includes:
- Provide recommendations to reduce vendor risk and follow-up to ensure remediation plans are timely, effective, and appropriately implemented.
- Report engagement status and results, both verbally and in writing, to management
- Review and analyze technologies, processes, documentation, and data to identify any gaps in the effectiveness of TPM cybersecurity controls and operations
- Presenting information, updates, results, etc. to associates and leaders
- Support third party monitoring and offboarding operations. This includes:
- Provide recommendations to reduce vendor risk and follow-up to ensure remediation plans are timely, effective, and appropriately implemented.
- Report engagement status and results, both verbally and in writing, to management
- Review and analyze technologies, processes, documentation, and data to identify any gaps in the effectiveness of TPM cybersecurity controls and operations
- Presenting information, updates, results, etc. to associates and leaders
- Support third party monitoring and offboarding operations. This includes:
- Working with industry leading security tools to dynamically measure third party risks and report to various stakeholders
- Conducting data validation and cleanliness activities to ensure accurate reporting and integration with other teams and tools
- Partnering with cross-functional teams to further security leading practices in the offboarding of third parties
- Conducting data clean-up and lineage exercises between GRC tooling and related systems
- Advocate program capabilities to business stakeholders by demonstrating value and fostering awareness
- Assist in developing innovative solutions to help evaluate complex business, technology, and risk issues in a fast-paced environment
Required Qualifications
- Bachelor's degree in Business, Information Technology or related field
- Minimum of 3 years of technical cyber Security Consultants experience and IT audit/compliance
- Experience integrating Cyber Security technologies with existing technologies
- Proficient understanding of - and experience with - audit, regulatory requirements, and standards (SOC2, ISO, HITRUST), and other related standards and certification processes
- Must be passionate about contributing to an organization focused on continuously improving consumer experiences
- Willing to work in Eastern Time business hours
Preferred Qualifications
- Knowledge of key compliance and IT frameworks such as: SSAE16 SOC2, HITRUST, SOX, etc.
- CISA, CISSP, HCISPP, CCSP, CISM, CTPRP or similar certification United Software Group, Inc.
Job Tags
Permanent employment, Contract work, Remote job,
Similar Jobs
Scale AI
...are producing is some of the most important work for how humanity will interact with AI. About the Team The Data Engine technical recruiting team is responsible for hiring Software Engineers with full-stack capabilities across various levels. The team works closely...
Security Surveillance System
...Job Description Job Description Overview: Security Surveillance System is seeking a dedicated Security Consultant to join our team in Aurora, Colorado. As a leading security surveillance company, we are committed to providing top-notch security products and services...
YMCA of The Inland Northwest
...Exercise Science, Physical Education, or related field preferred. # One to three years practical experience in fitness instruction, personal training, athletic coaching. # National Accredited Personal Training Certification obtained within the first 6 months of hire....
Core Medical Group
...Job Description Core Medical Group is seeking a travel nurse RN Interventional Radiology for a travel nursing job in Sault Ste. Marie, Michigan. Job Description & Requirements ~ Specialty: Interventional Radiology ~ Discipline: RN ~ Start Date: 10/07/2024...
Johnson Controls
...software Providessketches of field changes and discrepancies for engineering corrections and drawings Communicates withcustomerupon... ...in servicing electronic and or mechanical systemsin HVAC Generally required knowledge includes HVAC controls systems...