GRC Consultant | Remote | Immediate Need | Direct Client

30 Nov 2024

Vacancy expired!

Hi, we have a direct client requirement for a GRC Expert in Miami, FL.

Role: GRC Expert

Location: Miami FL

Duration: Long term

Job Description:

Key activities:
  • Maintain regulatory compliance (PCI DSS, HITRUST, SOX)
  • Implement IT Risk Management processes, leveraging the Galvanize platform for risk & control assessments, as well as issue, risk & exception tracking.
  • Establish Enterprise Risk Management.
  • Implement and mature the Vendor Risk Management program.
  • Continue Training and Awareness program, including phishing awareness & simulations.
Governance Documents
  • Create, update, and review information security-related policies, standards & procedures.
  • Control harmonization between NIST 800-53, PCI DSS, HITRUST CSF
  • Ensure governance documents meet all requirements of HITRUST/PCI DSS
Security Awareness
  • General awareness activities: newsletters, chat and other channels
  • Own training material for company/role-specific training.
  • Phishing awareness and triage using PhishLabs.
  • Phishing simulations using PhishLabs
Risk Management
  • Create and maintain the information security risk register
  • NIST CSF maturity assessments and tracking
  • Audit committee reporting
  • IT risk management activities (in progress): Issue and exception tracking in HighBond. [Created and ready to use]
Vendor Risk Management
  • Work with Procurement and IT Supplier Management to create and improve a harmonized process for vetting new and existing vendors
  • Evaluate security posture, certifications, and other aspects of new vendors
  • Review and redline service agreements for security elements
  • Respond to security questionnaires received from our partners (HMOs for SafeLink)

  • ID: #23661673
  • State: Florida South Florida 33101 South Florida USA
  • City: South Florida
  • Salary: Depends on Experience
  • Job type: Contract
  • Showed: 2021-11-30
  • Deadline: 2022-01-23
  • Category: Et cetera