Job description

Our client is looking for motivated security professionals with consulting and risk management experience to provide security guidance and leadership for IT Risk Advisory and IT Security Assessment services. As a Security Consultant within the Risk Advisory Services division, your primary focus will be providing strategic security guidance on the many compliance regulations and risk management frameworks companies face. You’ll work collaboratively within the Risk Advisory team as a specialist and assist with the planning, scoping, and execution of consulting engagements. The successful candidate will be strong technically, highly personable, focused on client relationships, and motivated to contribute to the continued development of a growing and close-knit information security organization.

Responsibilities include:

  • Engage with clients to build security programs, write policies, assess risk, identify compliance gaps, and create governance strategies to protect sensitive data and uncover security issues.
  • Provide subject matter expertise in the realm of governance, risk management and compliance.
  • Provide executive and C-suite level guidance on managing risk within an organization.
  • Provide thought leadership and perspectives within the governance, risk and compliance space to existing and prospective clients.
  • Participate in a team environment to create guidance documents on industry topics.
  • Identify, architect, and present new service opportunities within the context of existing client relationships.

Position Qualifications:

  • Bachelor’s or higher education degree
  • Industry certification such as CISSP, CISM, CISA, HITECH, HCISPP, etc.
  • One to two years direct working experience in the GRC or audit fields
  • Experience and knowledge of GRC frameworks from ISO, NIST, and COBIT
  • At least three (3+) years’ work experience in the IT or consulting fields
  • A solid understanding of IT security technologies including network and application security, firewalls, access management, and data protection
  • Experience with and knowledge of audit processes such as SSAE 18, NERC CIP, PCI, GDPR, HIPAA
  • Prior experience creating Information Security Policies and procedures
  • Able to manage project task execution independently and work with project associated team members to deliver their tasks on time, without direct authority.
  • Experience and success in delivering client engagements on-time and within budget
  • A desire to grow professionally by joining and contributing to a group of skilled consulting professionals that focus on exceeding customer expectations.
  • Capable of managing and executing complex customer-focused projects independently and as a team contributor
  • Excellent verbal and written communication and interpersonal skills with customer service experience
  • Ability to present and articulate findings to technical staff and executives
  • Must be able to pass a background check


  • Healthcare, Governmental or GDPR privacy assessment experience
  • Experience using GRC software products and applications
  • Project management experience
  • Experience with vulnerability scanning and analysis (e.g., Qualys, Nessus, Nexpose, Saint)

To apply for this job email your details to