The Security GRC Consultant is responsible for supporting and operating client organizations’ security governance, risk, and compliance program. This role performs GRC execution while also providing risk-based analysis, reporting, and advisory support. The consultant will partner with client organizations’ security leadership and stakeholders to identify, assess, manage, and report on security risk in a regulated healthcare and public company environment.
The role may support one or more client environments as part of a managed services engagement.
The role spans proactive and reactive GRC activities, including third-party security risk management, enterprise risk measurement, incident governance, disaster recovery and business continuity support, and ongoing policy and procedure maintenance.