GRC Consultant

Texas State Library and Archives Commission

Bloomington, IL

JOB DETAILS
SKILLS
Analysis Skills, Auditing, C-Level Management, Cloud Computing, Communication Skills, Computer Security, Consulting, Contract Management, Contract Requirements, Control Objectives for Information and related Technology (COBIT), Corporate Policies, Delivery Management, FISMA - Federal Information Security Management Act, HIPAA (Health Insurance Portability and Accountability Act), ISO (International Organization for Standardization), Information/Data Security (InfoSec), Interpersonal Skills, Leadership, Legal, Maintain Compliance, Network Security, PCI, PCI-DSS, People Management, Performance Management, Physical Security, Presentation/Verbal Skills, Problem Solving Skills, Regulatory Compliance, Regulatory Requirements, Risk, Risk Analysis, Risk Management, Sarbanes-Oxley Act (SOX), Security Analysis, Security Attacks, Security Auditing, Security Compliance, Service Delivery, Team Lead/Manager, Team Player, Technical Support, Test Program, U.S. National Institute of Standards and Technology (NIST), Writing Skills
LOCATION
Bloomington, IL
POSTED
1 day ago
Job Title: GRC Consultant

Location: Bloomington, IL

Job Type: Contract

Job Description:
  • Security Compliance
  • Required to have excellent understanding of the IT Control framework, in particular risk assessment and control selection
  • Working experience in any two of the compliance programs (PCI DSS, HIPAA, ISO 27001, SOC 2, SOX, NIST, FISMA, COBIT)
  • Understand the client requirements and ensure the implementation and effectiveness of the required controls.
  • Lead teams and efforts to ensure effective execution of periodic risk assessments and drive integration of remediation efforts with the risk management process
  • Partner with service delivery leadership to both communicate and manage risk in delivery to an acceptable level
  • Partner with delivery team to increase the level of awareness of compliance with policy and process
  • Lead and perform activities to help measure and monitor compliance with contractual security requirements, company policies and procedures to ensure the account is compliant and audit ready
  • Lead different compliance & audit testing programs and support successful completion of various external compliance certification programs and internal compliance assessments
  • Proven ability to lead small teams dedicated to the performance of risk management and assessment responsibilities.
  • Ability to provide effective management of junior employees.
  • Develops and provides appropriate guidance on solutions to mitigate risks and enhance system security
  • Coordinate with other representatives to build out world class compliance program components to include processes, procedures, and technologies.
  • Deep understanding of privacy and business continuity requirements and support R&C Privacy and BCM teams in execution of their respective program
  • Demonstrates ability to work in virtual team with help of tools and technologies
  • Demonstrates ability to handle conflicting situations and should have strong verbal, written communication and analytical skills
  • Must have systematic and pragmatic approach to problem solving
  • Demonstrates good interpersonal skills and high standards of professional behavior in dealings with business customers, colleagues, and staff
  • Have a good technical awareness and the aptitude to remain up to date with information security and IT developments
  • Ability to communicate risk to non-IT business owners and support functions such as HR, GWS, Physical Security, Legal, Contracting and others
  • Ability to communicate risk at all levels of management up to and including C-Level executives.
  • Translate business, industry, and regulatory requirements into information security objectives and associated tactical/strategic information security initiatives
  • Certifications such as CISA/CISSP/CISM/CRISC/CGEIT/ISO 27001 or any other security-related certifications are preferred.
Primary Skill:
  • Understanding of Information Security and standards such as ISO27001, NIST, CIS etc. / Knowledge of regulatory compliance such as SOX, PCI etc.
  • Knowledge of Risk Management and Control Auditing principles/ Knowledge of Data Privacy requirements / Technical knowledge of security principles around Network Security, Perimeter Security, Data Security, End User System security etc.
  • Technical knowledge on Cloud Security, Threat analysis, VA/PT etc.
  • Excellent communication skills (verbal and written) / Understanding of general IT Control framework / BCM Concepts
Secondary Skill:
  • Analytical skills / Strategic Thinking / Ability to build relationship / Adaptable to new concerns and changing environments etc.
  • Required Experience: Minimum of 5-10 years of relevant experience in Information Risk Management/Information Security or auditing.

About the Company


Texas State Library and Archives Commission