We are seeking a Consultant specializing in Security Governance, Risk, and Compliance (GRC) with a strong focus on security compliance assessments, particularly against NIST frameworks. This role requires a combination of security and consulting subject-matter expertise and client-facing communication skills to deliver high-quality solutions tailored to each client’s unique security and compliance needs.
The ideal candidate will be proactive, detail-oriented, and capable of independently driving workstreams while contributing to the broader success of client engagements. This is a challenging yet rewarding role that provides an opportunity to work with a diverse set of clients across multiple industries.
Security Compliance Specifics
- Apply compliance frameworks (e.g., NIST, ISO, etc.) to assess, design, and implement security controls for enterprise environments.
- Conduct compliance gap assessments, develop remediation plans, and guide clients through audit readiness processes.
- Create and maintain key documentation such as risk assessments, controls mapping, compliance roadmaps, and policies tailored to client needs.
- Ensure alignment with regulatory requirements and standards, such as NIST, CMMC, ISO 27001, or SOC 2, based on the engagement scope.
- Stay informed of evolving compliance frameworks, regulatory changes, and security best practices to provide clients with up-to-date and actionable recommendations.
- Support clients in developing and maturing their GRC programs, with an emphasis on measurable security improvement and compliance sustainability.
Client Delivery
- Manage and run defined workstreams with minimal oversight, ensuring continuity and success across client engagements.
- Maintain workstream RAID documentation (Risks, Assumptions, Issues, Dependencies) and proactively mitigate risks to keep projects on track.
- Communicate project status, risks, and decisions clearly and effectively to clients, ensuring transparency and alignment.
- Produce client-ready drafts of deliverables with minimal rework, adhering to professional quality standards.
- Leverage QA checklists and processes to identify issues early and ensure consistency across deliverables.
- Analyze tradeoffs, present options, and provide well-reasoned recommendations, escalating challenges along with proposed solutions when necessary.
- Independently sustain progress on client engagements during critical periods, maintaining momentum for up to 5–10 business days if required.
- Contribute to client knowledge transfer and training efforts, ensuring operational teams are equipped to maintain compliance post-engagement.
Qualifications
- Undergraduate technical degree in Engineering, Computer Science, IT Management, Cybersecurity, or related field preferred, but not required.
- Minimum of 4–6 years’ professional, relevant experience, with at least 2 years in a client-facing role.
- 1–2 professional and/or technical certifications in IT security, cloud security, or application security (e.g., CompTIA Security+, ISC2 CC).
- Solid understanding of common compliance frameworks (e.g., NIST, ISO, CMMC, etc.) and their application in enterprise environments.
- Strong technical knowledge of what good evidence looks like for assessments beyond policy and procedure language. A technical assessment will be performed during the interview process to confirm this critical skill.
- Knowledge of cybersecurity technologies (e.g., SIEM, vulnerability management, endpoint security) and their integration with compliance mandates.
- Hands-on experience with tools and platforms supporting GRC workflows (e.g., Archer, ServiceNow GRC, or similar).
- Excellent verbal and written communication skills (high proficiency in Microsoft Office Suite required).
- Comfortable addressing and presenting to groups in virtual or in-person settings.
- Strong problem-solving abilities, capable of addressing complex and abstract challenges.
- Exceptional interpersonal skills, with the ability to connect and collaborate with diverse personalities and stakeholders.
AHEAD Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about AHEAD and has not been reviewed or approved by AHEAD.
- Retirement Support — 401(k) contributions are matched dollar-for-dollar on the first $5,000 each year, with matching made each pay period and immediate 100% vesting. This structure signals above-standard employer support for retirement savings.
- Affordable Benefits — Medical options include low employee premiums for PPO and HDHP plans, and the HDHP adds employer HSA funding plus a dollar-for-dollar HSA match up to stated amounts. Dental and vision plans list very low per-paycheck costs, helping keep overall healthcare spend manageable.
- Wellbeing & Lifestyle Benefits — No-cost telemedicine (including virtual mental health when enrolled), free Calm access for the employee and dependents, and an EAP with counseling are included. Company-paid life and disability plus voluntary protections (legal/ID, pet insurance) and other extras round out a comprehensive set of supports.
What We Do
AHEAD builds platforms for digital business. By weaving together cloud infrastructure, intelligent operations, and modern applications, we help enterprises deliver on the promise of digital transformation.