Please share resumes to anu...@reqroute.com


Role: GRC Senior Consultant

Location: Buffalo Grove, IL

Duration: 6 Months





*Mandatory Skills:* GRC Consulting Risk Compliance Assurance, Risk
Compliance Assurance Process, Risk Compliance Assurance Technology, GRC
Technology, Consulting, GRC Process



*Desirable Skills:* Security Compliance and Framework, Healthcare Compliance



*Required Qualifications:*

·         5+ years of experience in an IT Security/IT Risk environment with
a large regulated organization

·         Knowledge of risk assessment methodologies, IT/IS Policies and
Standards, IT risk standards and industry best practices - HIPAA

·         Experience or understanding of managing vendor assessments

·         Experience in Archer tool

·         Experience with development and administration of risk
assessments and reviews

·         Experience with audit processes and disciplines

·         Experience with more than one major IT discipline

·         Knowledge of risk assessment methodologies, IT policies and
standards

·         Knowledge of IT risk standards and industry best practice
approaches such as ISO 17799, HITRUST, and COBIT

·         Knowledge of web application security testing and vulnerability
testing tools.

·         Knowledge of network-level penetration testing

·         Knowledge of source code reviews using automated tools such as
Veracode and/or manual analysis



*Job Description:*

·         Develop reports and evaluate the results of the vendor assessment

·         Identify and document control gaps

·         Review and interpret results of vulnerability assessments and
penetration testing

·         Communicate with auditors and regulators during compliance and
regulatory reviews

·         Participate in information security audits ensuring technical
compliance with security-related regulatory requirements (PCI, SOX, PII,
PHI, etc.)

·         Collaboratively work with peers to ensure operational excellence

·         Contribute to or help lead current state risk assessments,
continual risk assessments, risk metrics and visualization and integrated
operational risk management

·         Identify and prioritize risk based on impact and likelihood

·         Work directly with key business leaders to facilitate information
risk analysis and risk management processes, identify acceptable levels of
risk, and establish roles and responsibilities with regard to information
risk management

·         Assist in Policy/Standard development and security awareness and
training

·         Ensure security programs are in compliance with applicable laws,
regulations and policies to minimize risk and audit findings

·         Strong client relationship management experience and skills

·         Familiarity with relevant regional regulatory requirements

·         Strong interpersonal and oral/written communication skills, able
to build relationships at all levels
