SR Information Security Consultant

Insight Global

$130K — $180K *
Information Technology
11 - 15 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in computer science, cybersecurity, or a related field preferred.
  • 12+ years of IT security or IT assurance experience.
  • 7+ years in Risk Management, Compliance, or Security Operations roles.
  • CISSP, CRISC, CISM, or CISA certifications preferred.
  • Experience with TISAX, DFARS/CMMC, and ISO 27001 audits preferred.
  • Strong understanding of technical and cybersecurity concepts.

Responsibilities

  • Maintain an enterprise-wide information security program.
  • Identify, evaluate, and report on information security risks.
  • Oversee Governance, Risk, and Compliance (GRC) aspects of the security program.
  • Drive compliance with regulatory and industry standards like GDPR and ISO 27001.
  • Lead the incident response team in managing cybersecurity incidents.
  • Develop and maintain incident response plans and playbooks.
  • Implement strategies to enhance cyber resilience capabilities.

Benefits

  • Medical, dental, and vision insurance starting on the 31st day of employment.
  • Access to HSA, FSA, and DCFSA account options.
  • 401k retirement account with employer matching.
  • Paid sick leave and/or other paid time off options.

Full Job Description

The Information Security Consultant is responsible for maintaining an enterprise-wide information security program. This position will report to the Director of Information Security and will provide the leadership necessary to manage risks to the organization and ensure business alignment, effective governance, system and product availability, integrity, and confidentiality.
This position will be responsible for identifying, evaluating, advising, and reporting on information security risks in a manner that meets compliance and regulatory requirements. The incumbent will also provide oversight for the Governance, Risk and Compliance program, Privacy and Data Protection Program, Incident Response Process, and Cyber Resilience initiatives. This key leadership position will manage a small team and must be comfortable with providing strategic direction as well as doing actual hands-on work as an individual contributor when needed.

Governance, Risk, and Compliance (GRC):
Responsible for the GRC aspects of the Information Security program.
Drive initiatives to certify compliance with various regulatory and industry standards, including GDPR, CPRA, CMMC, TISAX, and ISO 27001.

Privacy and Data Protection:
Oversee the organization's data protection strategy to ensure compliance with data privacy laws (e.g., GDPR, CCPA).
Supervise the implementation of data protection security controls.

Incident Response:
Lead the incident response team in identifying, managing, and mitigating cybersecurity incidents.
Develop and maintain incident response plans and playbooks.

Cyber Resilience:
Develop and implement strategies to enhance the organization's cyber resilience capabilities.
Conduct regular cyber resilience assessments and simulations which include failover and recovery tests.

We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form. The EEOC "Know Your Rights" Poster is available here.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/

Required Skills & Experience
- Onsite 5 days a week
- Possibility of going perm as a Sr Manager
- Bachelor's degree in computer science, cybersecurity or related field is preferred.
- 12+ years IT security or IT assurance experience
- 7+ years of progressive experience in Risk Management, Compliance, and/or Security Operations roles
- CISSP, CRISC, CISM, or CISA certifications preferred.
- Experience with TISAX, DFARS/CMMC and ISO 27001 audits preferred
- Understanding of technical and cybersecurity concepts is required.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.
