Governance, Risk Management Consultant
Occupations:
Information Security Analysts
Compliance Managers
Security Management Specialists
Information Security Engineers
Compliance Officers

Industries:
Investigation and Security Services
Business Schools and Computer and Management Training
Facilities Support Services
Computer Systems Design and Related Services
Administration of Economic Programs

Job Title: GRC Consultant
Location: CSI US CA Santa Clara
Years of Experience: 7-10 Years

Job Summary:
We are seeking a highly skilled Cybersecurity / Enterprise Security Contractor with a strong focus on Governance, Risk Management, and Compliance (GRC). The ideal candidate will possess extensive experience in information risk management and compliance, particularly with a CISM certification. This role is critical in ensuring that our organization adheres to regulatory requirements and maintains a robust security posture.

Responsibilities:
Develop, implement, and maintain GRC frameworks and policies to ensure compliance with industry standards and regulations.
Conduct risk assessments and audits to identify vulnerabilities and recommend mitigation strategies.
Collaborate with cross-functional teams to integrate security practices into business processes.
Monitor and report on compliance status, providing insights and recommendations to senior management.
Stay updated on emerging threats, regulatory changes, and best practices in cybersecurity and compliance.
Provide training and awareness programs to staff on information security policies and procedures.
Assist in incident response planning and execution, ensuring effective communication and documentation.

Mandatory Skills:
CISM certification with a strong focus on Information Risk Management and Compliance.
Proven experience in developing and implementing GRC frameworks.
Strong understanding of regulatory requirements such as SOC 2 / ISO 27001.
Experience in conducting risk assessments and audits.
Excellent analytical and problem-solving skills.
Strong communication and interpersonal skills, with the ability to work collaboratively across teams.

Preferred Skills:
Additional certifications such as CISSP, CISA, or CRISC.
Experience with security tools and technologies (e.g., SIEM, vulnerability management tools).
Knowledge of cloud security and compliance frameworks.
Familiarity with data privacy laws and regulations.

Qualifications:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
7-10 years of experience in cybersecurity, with a focus on GRC.
Proven track record of managing compliance initiatives and risk management programs.
Ability to work independently and manage multiple projects simultaneously.

If you are a proactive and detail-oriented professional with a passion for cybersecurity and compliance, we encourage you to apply for this exciting opportunity.