Jobs · Consulting

GRC Consultant

NetCov · United States · 3 mo ago
RemoteRemoteConsultingFull-time

About the role

Interface with client points of contact as required for onboarding/post sales activity and/or recurring check-ins and inquiries.
Continuously monitor and triage requests flowing through an inbound ticket queue.
Participate in the design and execution of risk assessments and security audits.
Participate in the management of employee awareness campaigns for both staff and clients, including phishing simulations and awareness training.
Perform CMMC Readiness against 110 controls, delivering a comprehensive SSP and POAM with assisted attestation and SPRS reporting.
Manage client projects from start to finish, defining milestones and deliverables and meeting determined deadlines.
Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, regulatory requirements, improved security processes, and the development of new attacks and threat vectors.
Document best practices and user guides using available collaboration tools and workspaces.
Develop and maintain both internal and client-facing documentation, policy libraries and delivery metrics for end-to-end client security and compliance.
Provide timely, detailed, and complete reports on vulnerabilities, security events and incidents in a client facing setting.
Triage internal security and permissions requests from staff, including but not limited to systems access and employee terminations.
Oversee upkeep of internal SOP, ensuring adjustments to protocol are made as tools and methods evolve.
Perform QA workflow as necessary to improve upon consistency of product and client experience.
Coordinate resources and/or route audit requests appropriately for high volume or regulated client points of contact.

Responsibilities

  • Interface with client points of contact as required for onboarding/post sales activity and/or recurring check-ins and inquiries.
  • Continuously monitor and triage requests flowing through an inbound ticket queue.
  • Participate in the design and execution of risk assessments and security audits.
  • Participate in the management of employee awareness campaigns for both staff and clients, including phishing simulations and awareness training.
  • Perform CMMC Readiness against 110 controls, delivering a comprehensive SSP and POAM with assisted attestation and SPRS reporting.
  • Manage client projects from start to finish, defining milestones and deliverables and meeting determined deadlines.
  • Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, regulatory requirements, improved security processes, and the development of new attacks and threat vectors.
  • Document best practices and user guides using available collaboration tools and workspaces.
  • Develop and maintain both internal and client-facing documentation, policy libraries and delivery metrics for end-to-end client security and compliance.
  • Provide timely, detailed, and complete reports on vulnerabilities, security events and incidents in a client facing setting.
  • Triage internal security and permissions requests from staff, including but not limited to systems access and employee terminations.
  • Oversee upkeep of internal SOP, ensuring adjustments to protocol are made as tools and methods evolve.
  • Perform QA workflow as necessary to improve upon consistency of product and client experience.
  • Coordinate resources and/or route audit requests appropriately for high volume or regulated client points of contact.

Requirements

Strong problem-solving and analytical skills.
Excellent customer service skills, including understanding how to de-escalate, how to soothe and how to deliver the most efficient solution.
Strong communication skills, both verbal and written.
Familiarity with regulatory frameworks such as NIST/CMMC, ISO 27001, HIPAA/Hitech, GDPR are a big plus.
Strong organizational, operational, and inter-personal skills
Strong familiarity with Windows desktop and server operating systems.
Strong familiarity with Microsoft Office 365 and Azure Active Directory support and implementation.
Strong understanding of networking concepts, familiarity with routers, firewalls, access points, IDS/IPS and VPN.
Familiarity with Email threat protection tools and concepts.
Familiarity with RMM and asset management tools are a big plus.
Understanding of tools and processes used in security monitoring and incident response
Experience with Endpoint Detection & Response (EDR) tools
Ability to understand vulnerabilities at a technical level and capable of recommending and effectively communicating mitigation strategy
Ability to communicate and write in English professionally
Reliable personal transportation for use in traveling to clients' offices is essential.

Qualifications

CMMC CCP or CCA is a requirement for this role.
3-5 years of experience working in an Information Security and/or Compliance capacity
Customer service and client facing experience preferred.
CompTIA Security+

Skills

  • CMMC CCP or CCA
  • Strong problem-solving and analytical skills
  • Excellent customer service skills
  • Familiarity with regulatory frameworks such as NIST/CMMC, ISO 27001, HIPAA/Hitech, GDPR
  • Strong organizational, operational, and inter-personal skills
  • Strong familiarity with Windows desktop and server operating systems
  • Strong familiarity with Microsoft Office 365 and Azure Active Directory support and implementation
  • Strong understanding of networking concepts, familiarity with routers, firewalls, access points, IDS/IPS and VPN
  • Familiarity with Email threat protection tools and concepts
  • Familiarity with RMM and asset management tools
  • Understanding of tools and processes used in security monitoring and incident response
  • Experience with Endpoint Detection & Response (EDR) tools
  • Ability to understand vulnerabilities at a technical level and recommend mitigation strategies
  • Ability to communicate and write in English professionally

Benefits

Flexible work hours may also be required if requested for client onsite or after-hours support of accounts in differing regions.

Pay

N/A

Schedule

N/A

Similar jobs

GRC Consultant

CyberrUnited States· 5 days ago
RemoteInformation Technologyapply on cyberr.ai

Consultant, GRC Services

InfoHedge Technologies LLCTampa, FL· 2 wk ago
Consultingapply on thrivenetworksinc.applytojob.com

GRC Specialist

CollibraNew York, NY· 6 days ago
OTHR$88k–$110k/yrapply on grnh.se

GRC Analyst

MeshUnited States· 1 wk ago
RemoteBusiness Development$130k–$175k/yrapply on job-boards.greenhouse.io