GRC Consultant
Salary undisclosed
Apply on
Availability Status
This job is expected to be in high demand and may close soon. We’ll remove this job ad once it's closed.
Original
Simplified
REQUIREMENT:
Position: GRC Consultant
Duration: 10 Months
Location: Boca Raton, FL - Onsite
Duration: 10 Months
Location: Boca Raton, FL - Onsite
Must-have skills: 7-10 y of IT Audit exp; 3+ y of IT Risk Management exp; 3+ y of hands-on technical exp (e.g. developer, system administrator); NIST 800-30 Risk Assessment Standard or PCI DSS standards
PREFERRED: governmental exp, business process mapping and documentation,
policy and procedure development, IT General Controls evaluation and design, Information Security, threat landscape.
CERTIFICATIONS: CISA, CISSP.
Requirements:
Availability to work 100% of the time at the Client s site in Boca Raton, FL (required);
IT Audit experience (7-10 years);
IT Risk Management lifecycle experience (3+ years);
Hands-on technical experience, e.g. developer, system administrator (3+ years);
Experience working with NIST 800-30 Risk Assessment Standard;
Experience with IT General Controls evaluation and design;
Experience with PCI DSS standards.
Preferred:
CISA and CISSP certifications
Government experience.
Experience in Information Security with up-to-date knowledge of the current threat landscape;
Experience with business process mapping, documentation, and policy and procedure development.
Responsibilities include but are not limited to the following:
Perform PCI, ISO, COBIT, and applicable State of Florida cybersecurity controls-related
reviews to ensure that current, new, and technology infrastructure complies with these standards and security policies;
Plan and perform IT security controls effectiveness quarterly reviews. Manage remediation efforts for the identified gaps including assessment of new or enhanced implemented controls;
Maintain IT security risk and compliance matrix and perform management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies;
Maintain IT security risk and compliance matrix and perform management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies;
Manage IT security vulnerabilities management program aligned with PCI and NIST standards;
Identify and rank the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and
assets are the most important;
For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs.
Availability to work 100% of the time at the Client s site in Boca Raton, FL (required);
IT Audit experience (7-10 years);
IT Risk Management lifecycle experience (3+ years);
Hands-on technical experience, e.g. developer, system administrator (3+ years);
Experience working with NIST 800-30 Risk Assessment Standard;
Experience with IT General Controls evaluation and design;
Experience with PCI DSS standards.
Preferred:
CISA and CISSP certifications
Government experience.
Experience in Information Security with up-to-date knowledge of the current threat landscape;
Experience with business process mapping, documentation, and policy and procedure development.
Responsibilities include but are not limited to the following:
Perform PCI, ISO, COBIT, and applicable State of Florida cybersecurity controls-related
reviews to ensure that current, new, and technology infrastructure complies with these standards and security policies;
Plan and perform IT security controls effectiveness quarterly reviews. Manage remediation efforts for the identified gaps including assessment of new or enhanced implemented controls;
Maintain IT security risk and compliance matrix and perform management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies;
Maintain IT security risk and compliance matrix and perform management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies;
Manage IT security vulnerabilities management program aligned with PCI and NIST standards;
Identify and rank the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and
assets are the most important;
For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job Similar Jobs
