Governance, Risk and Compliance | CyberSecurity Consultant

Responsibilities:

• Security assessments: Assist in conducting comprehensive cybersecurity assessments for clients, including vulnerability assessments, penetration testing, and risk assessments. Identify security gaps, evaluate risks, and provide recommendations for remediation. 
• Security strategy development: Collaborate with project teams to develop and implement cybersecurity strategies that align with clients' business goals and risk tolerance. Assist in defining security frameworks, policies, and roadmaps. 
• Security controls implementation: Assist in the implementation of security controls and technologies based on industry best practices and regulatory requirements. This may include configuring firewalls, intrusion detection systems, and encryption mechanisms. 
• Compliance support: Assist clients in achieving and maintaining compliance with relevant regulations and standards, such as GDPR, HIPAA, or PCI-DSS. Collaborate with project teams to develop compliance frameworks, conduct gap assessments, and provide recommendations for remediation. 
• Security documentation and reporting: Assist in documenting security procedures, processes, and findings. Contribute to the preparation of security assessment reports, project updates, and client presentations. 
• Research and knowledge sharing: Stay updated on the latest cybersecurity trends, threats, and technologies. Conduct research on emerging security risks and contribute to internal knowledge sharing initiatives. 
• Client relationship management: Develop and maintain strong relationships with clients. Provide timely and effective communication, manage client expectations, and ensure client satisfaction throughout the engagement. 

Qualifications:

• Bachelor's or master's degree in Computer Science, Information Security, or a related field. 
• 1-3 years of experience in cybersecurity, IT audit, or a related role. 
• Solid understanding of cybersecurity principles, technologies, and best practices. 
• Familiarity with security frameworks and standards, such as HITRUST, CMMC, NIST, ISO 27001, and PCI-DSS. 
• Knowledge of networking protocols, operating systems, and cloud platforms
• Experience conducting SOC 2 Type 1 and Type 2 audits
  Experience with working on HITRUST assessments (certification not required at hire)
  Knowledge/experience on HIPAA compliance (Privacy & Security Rules, Breach Notification Rule)
  Knowledge/experience of the NIST CSF framework
  Comfortable writing Security Policies and Procedures
• Strong problem-solving and analytical skills. 
• Excellent written and verbal communication skills. 
• Ability to work effectively in a team and collaborate with cross-functional stakeholders. 
• Relevant certifications such as CISM, CISSP, or CISA (preferred). 
• Experience with Purview preferred
• #LI-CS1