One of InterEx’s key clients within the financial industry is looking for a GRC Consultant for a full time position.

This position will be 2 days on site in Chicago or Dallas and 3 days remote. Please note, only US citizens or Green-card holders are eligible for this position.

Job Description:

• Development, review and continuous improvement of the Security Services Department policies/procedures
• Recommendation of appropriate reporting frameworks, standards/best practices.
• Assist with remediating regulatory and Internal Audit findings
• Collect data to identify root cause of problems, identifying trends, formulating solutions, and escalating potential issues related to the lifecycle of remediation activities
• Be the POC for Security Services to senior management in Compliance, Internal Audit, Enterprise Risk Management, Legal and the Enterprise Project Management Office.
• Lead development, implementation, review and improvement of right sized management self-testing of controls.
• Lead Information Security Cyber Security Working Group Program efforts.
• Act on Security Services behalf related to compliance matters
• Manage Security Services responses to Third-Party requests and surveys
• Perform ad-hoc duties for Security Governance management as necessary

Experience required:

• Knowledge of regulatory, legal rules & requirements (e.g., SEC, CFTC, Federal Reserve Board, etc.) within IT Security.
• Experience working with frameworks (e.g. NIST CSF, NIST 800-53, CIS 20, COBIT, COSO, ITIL, ISO 27001, CSA CCM, etc.)
• IT and risk management concepts
• IT Security policy, procedure and control writing.
• Basic knowledge of Cloud implementation/Cloud compliance
• Understanding of the Systems Development Life Cycle (SDLC) process (Agile) and Secure Software Development Lifecycle.

If you feel you are right for this role and want to join my network, please get in touch.