Information Security & Compliance Consultant (GRC) Consultant

At the core of a security consultant’s position is risk management. In a time when data breaches seem to occur constantly, putting highly sensitive information at risk, security consultants are responsible for ensuring that doesn’t happen to their company or client. As highly computer-focused individuals, security consultants are always up-to-date on the latest technology trends.

• Bachelor Degree and 4 years of IT / IS work experience with a broad range of exposure to systems analysis, application development, database design, and administration or 8 years of IT / IS work experience with a broad range of exposure to systems analysis, application development, database design, and administration.
  

• Understand IT / IS concepts and how to articulate those in terms of risk. Interprets internal or external business issues and concepts and can translate those into IT concepts that must be addressed via policy.
  

• Understand key IT / IS laws and regulations, such as the Health Insurance Portability and Accountability Act, as well as governance and compliance frameworks (e.g. NIST, COBIT, ITIL, HITRUST).
  

• Experience with audit and compliance controls. This could include previous IT auditing experience and/or technical controls implementation, as well as the ability to respond appropriately to audit and assessment findings.
  

• Initiate and invoke creativity to solve complex problems; takes an “outside-in” perspective to identify innovative solutions
  

• Collaborate well with individuals across the business and IT, as well as at all levels of the organization.
  

Requirements

• Experience with and understanding of overall GRC concepts.
  

• Work independently, with guidance in only the most complex situations.
  

• May lead functional teams or projects