Overview
On Site
$50 - $60
Contract - Independent
Contract - W2
Contract - 12 Month(s)
Skills
GRC Specialist
NIST CSF
ISO 27001
SOC 2
GDPR
HIPAA
PCI DSS
SOX
Job Details
GRC Specialist
Duration: Contract to hire
Location: Costa Mesa, CA or Los Angeles, CA
This is a contract-to-hire position for our direct client in Orange County, CA.
Not able to sponsor / W2 only / No third-party candidates considered for this position.
For information purposes, the core technical skills for GRC Specialists are listed below; however, the primary concerns for this role are experience in executing and implementing Records Retention Implementation and Data Obfuscation Implementation projects at large organizations.
- Regulatory & Framework Expertise: Mastery of industry standards and laws such as NIST CSF, ISO 27001, SOC 2, GDPR, HIPAA, PCI DSS, and SOX.
- Risk Management: Proficiency in conducting risk assessments, identifying vulnerabilities, and developing mitigation strategies. This includes managing Third-Party Risk (TPRM) and Business Continuity Planning (BCP).
- Audit & Monitoring: Ability to design and execute internal audits, evaluate control effectiveness, and facilitate external audit fieldwork.
- GRC Platform Proficiency: Experience with specialized software such as Collibra, Delphix, Snowflake, and AWS to automate compliance tracking and reporting.
- Emerging Tech Governance: Knowledge of managing risks related to AI (e.g., ISO 42001), cloud security, and automation.
Critical Soft Skills
- Communication: Essential for translating complex technical and regulatory requirements into actionable guidance for stakeholders at all levels, including senior executives and boards.
- Analytical Thinking: Necessary to dissect complex data, identify patterns in risk, and propose practical solutions to compliance gaps.
- Ethics & Integrity: Maintaining high standards of accountability is vital for fostering a culture of compliance and making difficult, principled decisions.
- Adaptability: The ability to stay current with rapidly evolving laws and emerging global risks.
Education & Certifications
- Education: A bachelor's degree in Business, Finance, Information Technology, Law, or a related field is typically required.
- Key Certifications:
  - CISA (Certified Information Systems Auditor)
  - CRISC (Certified in Risk and Information Systems Control)
  - CGRC (Certified in Governance, Risk and Compliance)
  - CISSP (Certified Information Systems Security Professional)
  - CISM (Certified Information Security Manager)