What are the responsibilities and job description for the GRC Consultant position at IT Engagements, Inc.?
Greetings from IT Engagements…!
IT Engagements is a global staff augmentation firm providing a wide-range of talent on-demand and total workforce solutions. We have an immediate opening for the below position with one of our premium clients.
Title: GRC Consultant (Onsite)
Location: Boca Raton, FL
Locals to Florida Only
Earliest Start Date: ASAP
Estimated Duration: 10 months with possible extension(s)
USC, GC & EAD Holders will work
Must-have Skills:
Sr. Level
Requirements:
Governmental exp, business process mapping and documentation, policy and procedure development, IT General Controls evaluation and design, Information Security, threat landscape
Certifications: CISA, CISSP
Responsibilities Include But Are Not Limited To The Following:
Tej | tej@itengagements.com
IT Engagements is a global staff augmentation firm providing a wide-range of talent on-demand and total workforce solutions. We have an immediate opening for the below position with one of our premium clients.
Title: GRC Consultant (Onsite)
Location: Boca Raton, FL
Locals to Florida Only
Earliest Start Date: ASAP
Estimated Duration: 10 months with possible extension(s)
USC, GC & EAD Holders will work
Must-have Skills:
- 7-10 years of IT Audit exp;
- 3 years of IT Risk Management exp;
- 3 years of hands-on technical exp (e.g. developer, system administrator); NIST 800-30 Risk Assessment Standard or PCI DSS standards
Sr. Level
Requirements:
- Availability to work 100% of the time at the Client’s site in Boca Raton, FL (required);
- IT Audit experience (7-10 years);
- IT Risk Management lifecycle experience (3 years);
- Hands-on technical experience, e.g. developer, system administrator (3 years);
- Experience working with NIST 800-30 Risk Assessment Standard;
- Experience with IT General Controls evaluation and design;
- Experience with PCI DSS standards.
- CISA and CISSP certifications
- Government experience.
- Experience in Information Security with up-to-date knowledge of the current threat landscape;
- Experience with business process mapping, documentation, and policy and procedure development.
Governmental exp, business process mapping and documentation, policy and procedure development, IT General Controls evaluation and design, Information Security, threat landscape
Certifications: CISA, CISSP
Responsibilities Include But Are Not Limited To The Following:
- Perform PCI, ISO, COBIT, and applicable State of Florida cybersecurity controls-related reviews to ensure that current, new, and technology infrastructure complies with these standards and security policies;
- Plan and perform IT security controls effectiveness quarterly reviews. Manage remediation efforts for the identified gaps including assessment of new or enhanced implemented controls;
- Maintain IT security risk and compliance matrix and perform management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies;
- Maintain IT security risk and compliance matrix and perform management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies;
- Manage IT security vulnerabilities management program aligned with PCI and NIST standards;
- Identify and rank the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and assets are the most important;
- For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs.
Tej | tej@itengagements.com
