Senior GRC Consultant

Senior Governance, Risk, & Compliance Consultant

About the Company

Elastify makes IT security and compliance easier. Our experts do all the heavy lifting for you, asking the right questions to understand what you really need. We create tailored solutions based on your people, current processes and technology stack, to ensure you have the right strategy for your business goals. You get industry leading expertise and the right solution, right away.

We specialize in delivering high value services and provide advisory within:

• Governance, Risk & Compliance (GRC)

• Cybersecurity engineering

• Penetration Testing

• Data Protection & Privacy

• Cloud Security

• Microsoft Enablement

• Staff Augmentation

About the Role

Within Elastify’s security practice, we are currently seeking a Senior Cyber Risk Consultant to assist our growing engagement team in assessing our client’s security processes and controls.

Job Responsibilities

• Leading & delivering cybersecurity program assessments to provide clients with recommendations and a roadmap to enhance security posture.
• Leading & delivering compliance readiness assessments (e.g., SOC 2, ISO 27001) and helping clients with remediation activities (e.g., policy & procedure development).
• Coaching / mentoring Elastify’s Cybersecurity & GRC consultants.
• Supporting Elastify’s sales team with proposals, engagement letters / statement of work development.
• Running workshops with clients.
• Drafting & presenting reports to key client stakeholders.
• Managing the delivery of engagements to ensure budgets and timelines are met.
• Working with a compliance automation platform to conduct assessments or provide advisory to clients.

Experience

• Three to five years of experience in the field of Cybersecurity, Technology Risk, or GRC
• Completion of at least one of the following designations: CISA, CRISC, CISM, CISSP, ISO 27001 LA.
• Bachelor’s degree or higher in a related field to Cybersecurity or equivalent working experience
• Experience with leading and delivering assessments against the follow standards & frameworks including but limited to SOC 2, NIST CSF, NIST 800-53, CMMC, ISO 27001, CIS.
• Experience with Compliance & Controls Automation Platforms (e.g. Drata)
• Strong attention to detail and organizational skills.
• Experience leading, coaching, mentoring junior personnel.
• Excellent oral and written communication with experience helping clients navigate through complex cybersecurity and compliance challenges.

Benefits of working at Elastify

• Three weeks’ vacation
• Benefits package
• Wellness Account
• Cellphone and Travel allowance
• Downtown Toronto office location (121 King Street West - connected to the path)
• Hybrid work