Information Security / GRC – Governance – Risk – And Compliance – Consultant
Company | PDI Technologies |
---|---|
Location | Alpharetta, GA, USA |
Salary | Not Provided |
Type | Full-Time |
Degrees | |
Experience Level | Mid Level, Senior |
Requirements
- Familiarity with firewalls, intrusion detection/prevention, endpoint security, identity management
- Mastery of networking, operating system, and software development fundamentals
- Understanding of cloud security (AWS, Azure, GCP)
- Experience with tools like Nessus, Qualys, Splunk, Archer, ServiceNow GRC
- NIST (800-53, CSF), ISO/IEC 27001
- CIS Critical Security Controls
- FedRAMP, HITRUST, SOC 2
- Strong communication and documentation skills
- Analytical thinking
- Ability to manage multiple stakeholders
- Results-oriented time management
- CISSP (Certified Information Systems Security Professional)
- CCSP (Certified Cloud Security Professional)
- CISA (Certified Information Systems Auditor)
- CRISC (Certified in Risk and Information Systems Control)
- CISM (Certified Information Security Manager)
Responsibilities
- Perform risk assessments and gap analyses
- Identify and prioritize vulnerabilities and threats
- Recommend mitigation strategies
- Develop and implement IT governance frameworks
- Provide advisory services focused on compliance with regulations and standards including (but not limited to): HIPAA, PCI-DSS, SOX, GLBA, FISMA, CMMC
- Create and maintain security policies, procedures, and standards
- Support the development of Business Continuity and Disaster Recovery Plans
- Prepare for internal and external audits
- Support ongoing compliance reporting and evidence collection
- Advise on cybersecurity investments and architecture
- Provide security awareness training
- Act as a liaison between technical teams and leadership
Preferred Qualifications
No preferred qualifications provided.