Enterprise Risk Management (eGRC Lead Consultant)


San Ramon, CA

Industry: Healthcare IT


11 - 15 years

Posted 230 days ago


 

This is a consulting position with a client of Tiva Systems in San Ramon, CA.

 

The ideal candidate will have demonstrated strong performance in this role and will gain instant credibility to help mature the GRC practice.

Responsibilities:

•      Develops and maintains risk assessment reporting to achieve desired business outcomes.

•      Plans for enterprise GRC technology deployment aligned with CISO technology roadmap 3+ years

•      Follows architecture principles to guide day-to-day needs and annual planning/prioritization initiatives.

•      Adjusts risk tracking/reporting for technology trends, vulnerability changes, and compliance gaps

•      Interpret regulations as they apply to products, processes, practices and procedures.

•      Evaluate current policies, procedures, and documentation for compliance with government laws and regulations

•      Create and update risk register, treatments, and assessments

•      Perform on-going periodic information security risk assessments and compliance testing

•      PCI Compliance Manager, PCI-DSS

•      BCP, Business continuity planning, someone who can run this program

•      Education and awareness

•      Enterprise Risk Management

•      Vulnerability Management

Qualifications:

•      Overall 10+ years experience in IT Security, eGRC, Risk Management, Compliance, BCP, Vulnerability Management

•      At least 3 years of experience with MetricStream or RSA Archer or equivalent GRC tool, including maintaining a risk register

•      5+ years of relevant work experience in large enterprise environments with at least 3 years work experience in information technology governance, risk & compliance.

•      3+ years' experience implementing/maintaining data protection for US and EU data privacy regulatory requirements

•      Eligible for DoD security clearance to support US government risk management and cybersecurity frameworks

•      Solid knowledge and experience of IT controls across all security domains such as access management, encryption, vulnerability management, network security, etc.

•      Expert knowledge of risk management approaches and processes required, including proven implementation experience.

•      Professional certifications such as CISSP, CISM, CISA, or CRISC a plus

•      Bachelor's degree in Computer Science, Computer Engineering or related field.

Keywords:  IT Security Consultant, Risk Management Lead, GRC Lead, GRC Consultant, IT Compliance Manager, IT Audit Manager, Senior PCI Consultant, Senior Security Consultant, Information Security Compliance Manager, IT Audit Consultant, Senior Manager - Compliance, IS Manager, Compliance and Security Manager, IT Risk & Compliance Manager, IT Auditor

$130K - $160K