Sr Security Consultant/Lead - Compliance
Role Summary:
The Sr. Security Consultant / Team Leader is responsible for leading a team of Security Consultants, managing team and professional development goals, ensuring on-time delivery of GRC projects, and providing expert guidance to team members on GRC-related matters.
Mandatory Skill Sets/Expertise:
- Relevant bachelor's or master's degree in Computer Science / IT Auditing / Information Systems / Privacy.
- A minimum of 3-5 years of experience in the domain of cybersecurity and privacy.
- Experience in information security standards and best practices (ISO 27001, SOC 2, NIST, HIPAA, PCI DSS, HITRUST, etc.).
- Experience in performing assessments and audits.
- Deep understanding of risk management principles and IT controls.
- Holds relevant, industry-recognized certifications.
Key Attributes:
- Leadership: To lead by example, collaborate with the team, make appropriate decisions when required, and effectively communicate the vision and goals of Accorian.
- Mentoring: To mentor individuals from graduate to industry qualified, with the aim of motivating and enhancing their personal and professional development.
- Communication: To communicate effectively both verbally and in writing, with the team and clients, sharing information in a clear and concise manner.
- Problem-solving: Strong analytical skills to identify and solve complex problems within the GRC domain.
Key Responsibilities:
- Assessing cybersecurity risks and vulnerabilities and partnering with the security team to identify and analyze potential threats, evaluating their impact and likelihood of occurrence.
- Developing and implementing GRC strategies to analyze industry regulations and standards relevant to cybersecurity, translating them into practical policies and procedures for our organization.
- End-to-end implementation of various standards and regulatory and compliance requirements such as SOC 2, HIPAA, HITRUST, NIST CSF, and ISO 27001.
- Conducting GRC audits and collaboratively performing regular evaluations of our security controls and compliance measures, identifying gaps, and recommending improvements.
- Collaborating on strategic integration and fostering strong relationships across various departments (IT, security, legal, compliance) to ensure seamless integration of GRC processes and cybersecurity initiatives.
- Provide expert advice on GRC strategies, frameworks, and methodologies to clients.
- Collaborate with internal and external auditors, providing necessary documentation and support for audits.
- Ensure clients' adherence to relevant regulations, standards, and industry-specific compliance requirements.
- Developing and delivering training programs to educate employees on cybersecurity best practices and compliance requirements, promoting a culture of security awareness.
- Staying informed on emerging threats and regulations, continuously updating your knowledge of the evolving cybersecurity landscape, and adapting your strategies accordingly.
- Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications.
- Supporting delivery of audit milestones to ensure audit timelines stay on target by proactively identifying roadblocks and coordinating their resolution.