IT Business Consultant

IT Business Consultant (Cybersecurity Compliance Analyst)

Key Details

• Job Title: IT Business Consultant
• Location: Spring, TX 77389
• Work Arrangement: 100% Onsite
• Employment Type: W2 only (not open to C2C, 1099, or H1B)
• Duration: 6-month contract
• Compensation: $24/hr. – $27/hr.

Role Overview

The IT Business Consultant (Cybersecurity Compliance Analyst) operates at the intersection of cybersecurity policy, compliance, risk management, and IT operations. This role is responsible for supporting the full compliance evaluation lifecycle—from intake through closure—ensuring internal applications and processes align with organizational security policies and standards.

The ideal candidate brings a risk-based approach to compliance assessments, strong collaboration skills, and the ability to manage multiple priorities in a fast-paced environment. This individual will work closely with business stakeholders, IT teams, and cybersecurity professionals to mitigate risk and strengthen the organization’s security posture.

Key Responsibilities

• Support compliance evaluations through an evidence-based, business-driven process
• Assess internal applications for adherence to cybersecurity policies and identify remediation actions
• Apply risk-based methodologies to security assessments, remediation, and exception management
• Collaborate with GRC teams, cybersecurity SMEs, IT teams, and application owners to ensure proper scoping, documentation, and timely completion of evaluations
• Build and maintain reporting dashboards for compliance metrics, including inventory tracking, aging, and closure rates
• Support internal and external audits by providing clear documentation and evidence of control effectiveness
• Identify and implement process improvements to increase efficiency and consistency
• Contribute to updates and enhancements of cybersecurity policies based on emerging risks and operational insights
• Promote awareness and adoption of the organization’s cybersecurity program across business units

Qualifications

• Minimum of 3 years of experience in IT security, governance, risk and compliance (GRC), compliance, or IT operations
• Strong understanding of industry-standard security frameworks, including:
  • NIST Cybersecurity Framework (CSF)
  • ISO/IEC 27001/27002
  • CIS Controls
• Experience assessing internal applications for compliance with cybersecurity policies
• Hands-on experience with ITSM or GRC platforms (e.g., ServiceNow, Jira, Archer, OneTrust)
• Strong analytical, problem-solving, and critical thinking skills
• Excellent organizational and prioritization skills with the ability to manage a high volume of requests
• Effective verbal and written communication skills
• Ability to collaborate with and influence stakeholders across multiple levels of the organization

Preferred Qualifications

• Familiarity with cloud security concepts (AWS, Azure, or GCP)
• Experience working in modern DevOps environments
• Relevant professional certifications (e.g., CISSP, CISM, CRISC)
• Background in regulated industries such as financial services, healthcare, or government
• Experience developing dashboards and reporting using tools such as Power BI, Tableau, or Splunk

Core Skills

• Compliance and risk assessment
• Business analysis and stakeholder engagement
• Security policy and control validation
• GRC platforms and tools
• Process improvement and optimization
• Data analysis and reporting