Governance, Risk and Compliance Consultant
Founded in 2015, The Crypsis Group specializes in data breach response, digital forensics, and risk management consulting services to a growing list of clients ranging from small enterprises to Fortune 50 corporations, as well as federal government agencies. Our experts combine deep security knowledge and proprietary technology to rapidly provide effective incident response, attack-readiness and remediation plans for organizations. With offices in McLean, New York, Chicago, Austin, and Los Angeles and significant year over year revenue growth, we are firmly entrenched and well positioned as a leading provider of incident response and risk management services.
Responsibilities for the Governance, Risk and Compliance Consultant include:
- Assist Crypsis Leadership in the development of Risk Management, Compliance and Security standards within professional services.
- Apply industry knowledge of best practices within Governance, Risk and Compliance and provide recommendations to proactively improve our clients' security posture.
- Act as a key member of, and sometimes lead, audits, risk assessments, and other engagement-related duties in accordance with industry regulations, standards, and company policies and procedures for assurance and continuous improvement of controls.
- The ability to work across multiple frameworks and regulatory standards including, but not limited to, NIST CSF, ISO, GDPR, SOX, HIPAA.
- Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes while defining potential impacts and creating an effective mitigation strategy.
- Skilled at proactively identifying security risk and vulnerabilities while eliminating cybersecurity threats.
- Interacts with prospects and clients by assisting with completing security questionnaires, assessments, and audits.
- Ensure controls meet legal, regulatory, privacy, policy, standards and security requirements.
- Effectively write and communicate audit, assessment or compliance engagement reports and provide recommendations to client management.
- Ability to perform light travel requirements as needed to meet business demands (on average 30%).
Qualifications for the Governance, Risk and Compliance Consultant include:
- 3+ years of experience performing information security and risk assessments based upon industry accepted standards.
- Experience with GRC tools, technology, and implementation.
- Experience with Application Security Audits and Risk Scoring.
- Demonstrate a track record in strengthening existing and developing new client relationships.
- Knowledge of computer forensic tools, technologies and methods.
- Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or equivalent years of professional experience to meet job requirements and expectations.