Jobs · Consulting · Florida

Consultant, GRC Services

Thrive · Tampa, FL · 2 wk ago
ConsultingFull-time

Responsibilities

  • Participates in day-to-day operations and client engagement activities across various client projects involving compliance readiness and security assessments.
  • Supports the Abacode GRC Service Delivery team with conducting on-going and new assessments of controls, processes, and procedures across multiple clients and compliance standards: NIST 800-171 (CMMC), SOC 2, ISO 27001, HIPAA, PCI DSS, NIST CSF and CIS
  • Supports clients with maintaining compliance with such frameworks by guiding them through control execution and evidence collection and review.
  • Supports compliance, policy, procedural, and technical review of client information security and/or compliance program(s), providing maturity and improvement recommendations based on experience and industry best practices.
  • Performs security controls gap analysis and identification based on compliance mandates, standards, and security benchmarks.
  • Documents security controls inventory of client systems within the GRC portals.
  • Conducts general cybersecurity Risk Assessments
  • Provides tactical guidance aimed at helping clients meet compliance requirements across applicable security standards and frameworks.
  • Performs audit liaison activities, guiding and assisting clients with audit preparation, evidence identification and gathering, and responding to audit questions.
  • Manages compliance requirements across multiple clients in parallel. Works with clients to identify opportunities for improvement for client’s security controls.
  • Builds internal company partnerships and collaborates with team leaders to determine the company's services, delivery criteria, and solutions for issues that may arise.
  • Supports evidence collection for internal Abacode/Thrive audits.
  • Identifies and makes suggestions for improvements when problems and/or opportunities arise.
  • Keeps up to date with developments in the cybersecurity, privacy, and GRC areas of specialization.
  • Performs other duties as assigned.
  • Qualifications

    • Minimum: Bachelor's Degree in related field or relevant work experience.
    • 2-4 years of experience conducting and documenting security and compliance risk assessments
    • Experience working in a client-facing consulting or service delivery capacity
    • Experience managing multiple clients/projects in parallel.
    • Experience with general project management and customer success/service is strongly desired.
    • Demonstrated understanding of control frameworks and regulatory requirements for NIST 800-171, NIST-CSF, SOC-2, and ISO 27001.
    • PREFERRED: Experience with: HIPAA, PCI-DSS.
    • Good understanding of the Department of Defense CMMC ruling and implications for the Defense Industrial Base.
    • Proven ability to assess risks and controls and identify opportunities for improvement.
    • Excellent written and verbal communication skills along with excellent interpersonal skills. Able to communicate confidently in a clear, concise, and articulate manner - verbally and written in the documentation produced.
    • Ability to work independently and with minimal supervision.
    • Self-motivated, positive attitude, and a team player.

Similar jobs

Consultant, GRC Services

InfoHedge Technologies LLCTampa, FL· 2 wk ago
Consultingapply on thrivenetworksinc.applytojob.com

GRC Consultant

CyberrUnited States· 5 days ago
RemoteInformation Technologyapply on cyberr.ai

GRC Consultant

NetCovUnited States· 3 mo ago
RemoteConsultingapply on workforcenow.adp.com

GRC Analyst

Stage 2 CapitalSan Francisco, CA· 3 days ago
Business Developmentapply on careers.stage2.capital

GRC Analyst

SpireDenver, CO· 5 days ago
Business Developmentapply on grnh.se