Senior Security Consultant - Governance, Risk And Compliance
Current-Lead the development of all deliverables, work products, and business development materials. -Oversee junior practitioners and their support in these activities to ensure quality of services and deliverables.-Serve as a vCISO to Sikich customers to help develop and/or maintain their security program.-Develop and maintain technology related policies, procedures, and standards that address requirements related to strategies, regulations, business & technology risks, and industry standards.-Execute control reviews across technology and business teams to address risk and compliance against various industry and technology frameworks (i.e., SSAE18 SOC2; NIST Cybersecurity Framework, CIS, and ISO27001).-Assist clients in meeting compliance obligations by evaluating business, technology & operations against security standards (ex. HIPAA, PCI, CIS, NIST, CMMC, etc.).-Manage assessment methodology, project planning, reporting, budgeting, & scheduling-Share expertise to help make top-level decisions on strategy & scope of engagements-Provide clear, organized findings & recommendations to clients & be able to track progress towards resolution.-Analyze requirements & work closely with team members to produce results aligned to client needs-Produce detailed, high-quality reports for clients & industry third parties-Work closely with the project team to ensure high-quality standards-Learn from the Security group & contribute tools, industry news & lessons learned back to the team.-Efficiently juggle several concurrent client projects at any given point in time.