Greetings from IT Engagements…!
IT Engagements is a global staff augmentation firm providing a wide range of on-demand talent and total workforce solutions. We have an immediate opening for the below position with one of our premium clients.
Title: GRC Consultant (Onsite)
Location: Boca Raton, FL
Locals to Florida Only
Earliest Start Date: ASAP
Estimated Duration: 10 months with possible extension(s)
USC, GC & EAD Holders will work
Must-have Skills:
- 7-10 years of IT Audit exp;
- 3+ years of IT Risk Management exp;
- 3+ years of hands-on technical exp (e.g. developer, system administrator); NIST 800-30 Risk Assessment Standard or PCI DSS standards
Seniority On The Skill/s Required On This Requirement:
Sr. Level
Requirements:
- Availability to work 100% of the time at the Client’s site in Boca Raton, FL (required);
- IT Audit experience (7-10 years);
- IT Risk Management lifecycle experience (3+ years);
- Hands-on technical experience, e.g. developer, system administrator (3+ years);
- Experience working with NIST 800-30 Risk Assessment Standard;
- Experience with IT General Controls evaluation and design;
- Experience with PCI DSS standards.
Preferred:
- CISA and CISSP certifications
- Government experience.
- Experience in Information Security with up-to-date knowledge of the current threat landscape;
- Experience with business process mapping, documentation, and policy and procedure development.
Preferred:
Governmental exp, business process mapping and documentation, policy and procedure development, IT General Controls evaluation and design, Information Security, threat landscape
Certifications: CISA, CISSP
Responsibilities Include But Are Not Limited To The Following:
- Perform PCI, ISO, COBIT, and applicable State of Florida cybersecurity controls-related reviews to ensure that current, new, and technology infrastructure complies with these standards and security policies;
- Plan and perform quarterly reviews of IT security controls effectiveness. Manage remediation efforts for the identified gaps, including assessment of new or enhanced implemented controls;
- Maintain IT security risk and compliance matrix and perform management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies;
- Manage the IT security vulnerability management program, aligned with PCI and NIST standards;
- Identify and rank the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and assets are the most important;
- For the most critical and sensitive assets and operations, estimate the potential losses or damage that could occur if a threat materializes, including recovery costs.
Thanks,
Tej | tej@itengagements.com