Jobs · Information Technology

GRC Consultant

Cyberr · United States · 6 days ago
RemoteRemoteInformation TechnologyFull-time

Responsibilities

  • Lead clients through the planning, design, configuration, and transition phases of governance, risk, and compliance programs, ensuring alignment with business objectives and risk tolerance.
  • Assess technical and procedural security controls to evaluate their maturity, effectiveness, and compliance against industry standards and frameworks such as ISO/IEC 27001, NIST SP 800-53, PCI DSS, COBIT, HIPAA, and NERC CIP.
  • Analyze privacy practices and controls for compliance with regulations such as GDPR, FIPPA, PIPEDA, and PIPA. Recommend improvements to ensure privacy assurance and reduce regulatory risk.
  • Design and develop client-specific security governance structures, policies, and processes. Build scalable and sustainable information security programs to support client growth and compliance objectives.
  • Provide strategic and tactical security recommendations to help clients optimize budgets while strengthening security posture across operations, systems, and processes.
  • Build trusted relationships with client stakeholders. Deliver compelling presentations, reports, and strategic roadmaps tailored to executive and technical audiences.
  • Contribute to the development and refinement of Mirai’s GRC service delivery methodologies and best practices.
  • Represent Mirai with integrity, professionalism, and subject-matter expertise in both client-facing engagements and the broader industry community.

Qualifications & Requirements

  • 5+ years of experience in cybersecurity governance, risk, and compliance roles, preferably in a consulting or client-facing capacity.
  • Proven expertise with information security standards and frameworks such as ISO/IEC 27001, NIST SP 800-53, COBIT, and PCI DSS.
  • ISO/IEC 27001 Lead Auditor Certification Experience or certification in PCI DSS, CMMC, and/or FedRAMP would be an asset.
  • Familiarity with industry-specific compliance challenges across various sectors.
  • Strong understanding of privacy laws and regulations including GDPR, PIPEDA, and FIPPA.
  • Demonstrated experience developing security policies, risk management strategies, and governance frameworks.
  • Able to perform control assessments and gap analyses with actionable recommendations.
  • Excellent verbal and written communication skills, including experience working with senior stakeholders.
  • Strong client presence, professionalism, and stakeholder engagement skills.
  • Comfortable working independently and remotely, while managing multiple client projects.
  • A positive, can-do, customer-focused attitude.

Similar jobs

GRC Consultant

NetCovUnited States· 3 mo ago
RemoteConsultingapply on workforcenow.adp.com

Consultant, GRC Services

InfoHedge Technologies LLCTampa, FL· 2 wk ago
Consultingapply on thrivenetworksinc.applytojob.com

GRC Specialist

CollibraNew York, NY· 1 wk ago
OTHR$88k–$110k/yrapply on grnh.se

GRC Analyst

MeshUnited States· 1 wk ago
RemoteBusiness Development$130k–$175k/yrapply on job-boards.greenhouse.io