Job Overview: We are seeking a skilled and experienced cross-functional Governance, Risk, and Compliance consultant that can work with IT Compliance and IT Risk on assessments, testing, reporting, and risk analysis within the Information Security Program.
Key Responsibilities:
Assessments: Perform Risk Assessments to ensure proper design and associated risks (inherent and residual) for systems, environments, and domains analyzed. Ability or understanding to gather information to determine threat event frequencies, loss event frequencies, susceptibility, and impact.
Testing: Ability to test the design and operating effectiveness of quarterly/re-occurring IT controls that support our regulatory assessment programs (SOX, NYDFS, etc.). Ability to determine proper design of processes and ineffective processes and key elements of an effective process design. Understanding of key control points and able to perform walkthroughs and/or review of evidence to determine operating effectiveness.
Risk Identification and Mitigation: Collaborate with cross-functional teams to identify emerging risks, assess their potential impact on the organization, and develop mitigation strategies.
Reporting: Ability to contribute towards creating reports for different audiences for IT and non-IT stakeholders (senior management, executive leadership, system owners, and relevant stakeholders) to facilitate decision-making and drive continuous improvement efforts.
Preferred Qualifications:
- Experience with conducting IT/Cybersecurity audits, risk assessments, privacy assessments.
- Familiarity with CMMI, FAIR, NIST CSF, ISO-27001, CSC 18, and Privacy regulations.
- Experience with providing remediation recommendations for issues/findings.
- Experience with GRC tools (such as Archer, ServiceNow, etc.) and project management tools (Jira).
- Ability to lead walkthroughs and assessments with minimal oversight.
- Highly effective communication skills for management and sr. leadership
location: Urbandale, Iowa
job type: Contract
salary: $59 - 69 per hour
work hours: 8am to 4pm
education: Bachelors
responsibilities:
Assessments: Perform Risk Assessments to ensure proper design and associated risks (inherent and residual) for systems, environments, and domains analyzed.
Ability or understanding to gather information to determine threat event frequencies, loss event frequencies, susceptibility, and impact.
Testing: Ability to test the design and operating effectiveness of quarterly/re-occurring IT controls that support our regulatory assessment programs (SOX, NYDFS, etc.).
Ability to determine proper design of processes and ineffective processes and key elements of an effective process design.
Understanding of key control points and able to perform walkthroughs and/or review of evidence to determine operating effectiveness.
Risk Identification and Mitigation: Collaborate with cross-functional teams to identify emerging risks, assess their potential impact on the organization, and develop mitigation strategies.
Reporting: Ability to contribute towards creating reports for different audiences for IT and non-IT stakeholders (senior management, executive leadership, system owners, and relevant stakeholders) to facilitate decision-making and drive continuous improvement efforts.
qualifications:
- Experience level: Experienced
- Minimum 5 years of experience
- Education: Bachelors
skills:
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.
Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including health, an incentive and recognition program, and 401K contribution (all benefits are based on eligibility).
Applications accepted on ongoing basis until filled.