Cloud GRC Consultant

  • Midtown, NY
  • Posted 6 days ago | Updated 14 hours ago

Overview

On Site
Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - 6+Month(s)

Skills

Cloud Computing
Mapping
ITGC
Testing
Management
Onboarding
Management Reporting
SOC 1 / SOC 2
SOX 404
FedRAMP
Risk Management
Due Diligence
Documentation
Reporting
Dashboard
Auditing
Communication
Accounting
Computer Science
Business Administration
CISA
Certified Public Accountant
Regulatory Compliance
Financial Services
Health Care
EMC RSA Archer
ServiceNow
SAP GRC
Risk Assessment
ISO 27005
RMF
Risk Management Framework

Job Details

Role: Senior GRC Consultant
Location: New Jersey (two to three on-site visits per week to Midtown Manhattan)
Start Date: ASAP
Role Summary
The Senior GRC Consultant will support the Client's Governance, Risk, and Compliance (GRC) function with a focus on audit readiness, compliance program execution, and third-party risk management (TPRM). The role requires solid hands-on experience in security audits, regulatory compliance, and vendor risk processes, with the ability to engage confidently with internal stakeholders, external auditors, and third-party vendors.
Key Responsibilities
Audit & Compliance
  • Coordinate and support external audits and regulatory assessments (SOC 1, SOC 2, SOX 404, ISO, NIST, HITRUST, FedRAMP, StateRAMP).
  • Conduct evidence collection, validation, and mapping against control requirements.
  • Support IT General Controls (ITGC) and application control testing.
  • Develop and maintain compliance dashboards, audit documentation, and management reports.
  • Facilitate meetings with external auditors to review scope, evidence, findings, and reports.
Third-Party Risk Management (TPRM)
  • Manage vendor risk assessment processes, including onboarding due diligence and periodic reassessments.
  • Review third-party SOC reports, security questionnaires, certifications, and regulatory attestations.
  • Document and track third-party risks with business owners and monitor remediation activities.
  • Maintain vendor risk registers and prepare periodic management reporting.
  • Provide advisory input on TPRM framework improvements and regulatory alignment.
Advisory Support
  • Recommend enhancements to governance structures, control frameworks, and compliance processes.
  • Provide insights on emerging regulatory and industry trends.
  • Participate in governance forums and service reviews, offering strategic input on long-term compliance objectives.
Required Qualifications
  • 5+ years of combined experience in audit, compliance, and/or TPRM functions.
  • Strong knowledge of compliance frameworks such as SOC 1, SOC 2, SOX 404, ISO, NIST, HITRUST, FedRAMP, and StateRAMP.
  • Proven experience in third-party risk management, including vendor due diligence and ongoing monitoring.
  • Strong documentation and reporting skills (dashboards, risk registers, audit reports).
  • Excellent verbal and written communication skills with ability to lead discussions with auditors, regulators, and vendors.
Education & Certifications
  • Bachelor's degree in Accounting, Computer Science, Business Administration, or related field (or equivalent).
  • Certifications (completed or in progress) such as CISA, CPA, CIA, or CFE.
Nice-to-Have
  • Experience supporting compliance programs in financial services or healthcare sectors.
  • Familiarity with GRC or TPRM tooling (e.g., Archer, ServiceNow GRC, OneTrust, ProcessUnity).
  • Hands-on experience with risk assessment methodologies (ISO 27005, NIST RMF).
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About SBS Corp.