Previous Job
Previous
GRC Senior Consultant
Ref No.: 16-01435
Location: Syracuse, New York
Position Type:Contract
 Position Overview: The GRC Architect will be responsible for performing GRC-type consulting activities including IT risk evaluation and executing control assessments over client enterprises, platforms, and applications. The role will also interact with clients to help implement processes and structure surrounding GRC. Knowledge of Security Architecture and the controls associated is also required. The role also requires knowledge of IT Security tools utilized by clients to achieve security and privacy of their business information. Ability to complete assessments, evaluate clients using a maturity model, develop recommendations and client roadmaps for improvement is a must. Ability to advise clients on Security Architecture including Cloud-related components is required. Strong knowledge of common security frameworks and regulations is required along with significant experience within cloud environments such as AWS and Azure. Good verbal & written communication skills are required as is the ability to advise senior client members and directing a small team and working with offshore team members. The candidate must have expertise with security-related topics such as authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, principle of least privilege, software attack methodologies, secure data transfer, secure data storage, etc. Qualifications: • 8-12 years IT experience. • 4-8 years Info Security experience supporting enterprise programs. • 4-8 years in IT Risk Management or Assurance roles conducting risk assessments. • Consulting experience required demonstrating ability to effectively communicate with client and deliver quality deliverables. • Must have experience assessing and developing recommendations for NIST 800-53, r4 and SANS 20 Critical Security Controls • Knowledge of IT regulations and frameworks such as ISO27001, PCI-DSS, FDIEC, and ISO27018 is