Overview
Skills
Job Details
Role: Governance Risk and Compliance Consultant
Location: King of Prussia (ONSITE)
Handle technical and business impacting aspects of Information Security Risk areas comprising of Audit / compliance, IT, Operational and Legal Risks.
Participate in and Execute Risk Assessment and Management Program
Should be able to resolve Risk and Security solutions / issues and work with Security team to bring them to closure.
Work with the team to deliver on Assessments & Audits.
Would need to work with the operations team and the SDMs to ensure right oversight is created ad maintained with respect of the Audit, Risk and Compliance
Work with teams demonstrating the core team values and Adhere to the Policies and Practices of Client
Should be able to interface with Auditors and be the Audit Coordinator for Regulatory, Standards, or Framework Audits, Control Testing and assessments.
Support the GRC Lead with respect to the IT Audits, IT Risks & IT Compliance for the services.
SKILLS
Professional Services background including exposure to Standards, SSAE 18, ISO 27001 and Privacy Laws (preferable candidates from Big4 organizations)
Knowledge of implementing, managing and auditing security & compliance regulation (SOX, GDPR, NIS-2, DPA, HIPAA), Standards and frameworks (ITIL, NIST CSF 2.0 or COBIT)
Should have proven capabilities of executing at least 3-4 advisory/consulting engagements
Excellent technical capabilities around information security, business continuity and technology risk assessments
Good compliance and understanding of industry regulations
GRC Project & Program Management
Excellent written and verbal communications skills
PLATFORM /TOOL EXPERTISE
Experience on the below mentioned tools is not mandated but candidates having exposure to any of these will be preferred:
ServiceNow IRM
MetricStream
Certifications will be preferred:
CISA/CGEIT/CISM/CISSP
ISO 27001 Implementer, Lead Auditor
ITIL V4.0
Six Sigma
GRC Platform Specific Certifications