Associate Consultant CRA

* Track and ensure adequate and timely resolution to all audit and risk assessment findings or issues relating to

information security and never miss a deadline.

* Effectively and appropriately communicate audit engagement reports and recommendations to client

management and resolve any client concerns or questions.

* Ensure 100% certification success rate on ISMS projects.

* Grow into a role with increasing responsibility.

* Significant experience leading information security audits with a preference for ISO27001 and SOC 2 audits or assessments.

* Experience in leading or knowledge with implementations.

* Experience authoring policies and procedures.

* Significant experience working as a consultant working in a consulting firm * Significant knowledge of ISO

27001/2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is

around an ISO 27001 Information Security Management System.

* Solid knowledge of the NIST 800-171/FISMA framework and is derivatives (e.g., Fed RAMP, CMS Information

Security Program) as many of our clients serve government customers.

Enough Information Technology and Information Security experience to contextualize and make their.

Recommendations relevant and valuable.

* Experience and knowledge with Governance, Risk Management and Compliance.

* Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP).

* Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO 27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP).

* Familiarity with related standards (e.g., SSAE-16 SOC1, SOC2, ISO-22301, ISO-9001).