01/03 Ankit
Talent Acquisition Lead at Accorian

Views: 143 | Applications: 26 | Recruiter Actions: 23

Senior Security Consultant/Lead - Compliance - IT (3-5 yrs)

Bangalore Job Code: 1382089

Sr Security Consultant/Lead - Compliance

Role Summary:

The Sr. Security Consultant / Team Leader is responsible for leading a team of Security Consultants, managing team and professional development goals, ensuring on-time delivery of GRC projects, and providing expert guidance to team members on GRC-related matters.

Mandatory Skill Sets/Expertise:

- Relevant bachelor's or master's degree in Computer Science / IT Auditing / Information Systems / Privacy.

- Have a minimum of 3-5 years of experience in the domain of cybersecurity and privacy.

- Experience in information security standards and best practices (ISO 27001, SOC 2, NIST, HIPAA, PCI DSS, HITRUST, etc.).

- Experience in performing assessments and audits.

- Deep understanding of risk management principles and IT controls.

- Holds relevant, industry-recognized certifications.

Key Attributes:

- Leadership: To lead by example, collaborate with the team, make appropriate decisions when required, and effectively communicate the vision and goals of Accorian.

- Mentoring: To mentor individuals from graduate to industry qualified, with the aim of motivating and enhancing their personal and professional development.

- Communication: To communicate effectively both verbally and in writing, with the team and clients, sharing information in a clear and concise manner.

- Problem-solving: Strong analytical skills to identify and solve complex problems within the GRC domain.

Key Responsibilities:

- Assessing cybersecurity risks and vulnerabilities, and partnering with the security team to identify and analyze potential threats, evaluating their impact and likelihood of occurrence.

- Developing and implementing GRC strategies to analyze industry regulations and standards relevant to cybersecurity, translating them into practical policies and procedures for our organization.

- End-to-end implementation of various standards and regulatory and compliance requirements such as SOC 2, HIPAA, HITRUST, NIST CSF, ISO 27001.

- Conducting GRC audits, and collaborating on and performing regular evaluations of our security controls and compliance measures, identifying gaps, and recommending improvements.

- Collaborating on strategic integration and fostering strong relationships across various departments (IT, security, legal, compliance) to ensure seamless integration of GRC processes and cybersecurity initiatives.

- Provide expert advice on GRC strategies, frameworks, and methodologies to clients.

- Collaborate with internal and external auditors, providing necessary documentation and support for audits.

- Ensure clients' adherence to relevant regulations, standards, and industry-specific compliance requirements.

- Developing and delivering training programs to educate employees on cybersecurity best practices and compliance requirements, promoting a culture of security awareness.

- Staying informed on emerging threats and regulations, continuously updating your knowledge of the evolving cybersecurity landscape, and adapting your strategies accordingly.

- Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications.

- Supporting delivery of audit milestones to ensure audit timelines stay on target by proactively identifying roadblocks and coordinating their resolution.

Women-friendly workplace:

Maternity and Paternity Benefits
