Senior GRC Specialist

Salary: $120k-$135k + 10% bonus

Location: Chicago, IL or Austin, TX

Hybrid: 3 days in-office, 2 days remote

*We are unable to provide sponsorship for this role*

Qualifications

• Bachelor's degree
• Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC
• Technical writing experience
• 4+ years of Information Security experience
• Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities.
• Strong knowledge of risk management principles and practices.
• Strong knowledge of security administration and role-based security controls.
• Strong knowledge and use of GRC platforms.
• Knowledge of vulnerability assessment and forensic investigations tools.
• Knowledge of Privileged Access Management technologies

Responsibilities

• Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed.
• Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation.
• Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements.
• Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
• Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff.
• Manage and support the 3rd Party Security Vendor Risk Management program and life cycle.
• Manage the exception request process and consult as needed.
• Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs.
• Management and support of the GRC technology platforms.
• Conduct evaluations of an IT program or its individual components to determine compliance with published standards.