CareerBliss

Governance, Risk, and Compliance (GRC Consultant)

Erlanger, KY
Compunnel Inc.
Posted 06/23/2025

GRC Consultant

Erlanger, KY( 5 days onsite)

Contract: 6+ months (extendable)



Job description

Mandatory Skill Sets- SOX, control assurance, control implementation


Year of experience 13+

The Security and Compliance Analyst is responsible to perform the following duties:


  1. Review Projects and their technical design documents for Information security risks and advise on suitable controls and mitigations at early stages of the program
  2. Fair understanding of Technology Landscape Applications Infrastructure Cloud and review
  3. Clients information security and related threats and vulnerabilities legal and regulatory
  4. requirements
  5. Good Understanding on Security Standards like ISO 270012 SOX ITGC SOC1 or SOC2
  6. DevSecOps OWASP top 10 Business Impact analysis ISO 22301 ISO 27005
  7. Assess and classify all potential business and infrastructure information risks
  8. Review and advise on information security risks of vendor offerings Newleveraging existing SAAS PAASIAAS services including integration with Client environment
  9. Conduct risk assessment on Applications Network Systems according to Client policies applicable Standards legal regulatory requirements
  10. Identify the risks in the Client Projects provide recommendations for remediation of identified risks
  11. Translate Technical legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the IRM requirements and its implementation methodologies
  12. Identify or design the controls for implementation based on the outcome of Risk Assessment its remediation and residual risk
  13. Ensure all the controls outlined for an applicationInfrastructure are designed effectively
  14. Review Vulnerability Assessment and Penetration Test scan results and recommend the risks to be remediated
  15. Review and approve the control design of supplier and their organization technical specifications against Client security control requirements
  16. Ensure all the risks are documented classified and tracked with appropriate action as per the IRM standards
  17. Work with Project Managers Business Analysts Architecture and Support Team to ensure Client Information Risk Management standards are being followed
  18. Test the control effectiveness post implementation or deployment of controls and technologies
  19. Conduct Security governance with Client stakeholders


Technology


  1. Understanding of Cloud Security SAAS IAAS and PAAS and Onpremise infrastructure
  2. Understanding of secure application development and support
  3. Knowledge on Network Security Data Security Practices EndPoint Security Identity and
  4. Access Management
  5. Knowledge on Business Continuity Plan and Disaster Recovery

Apply

My Email Please enter a valid email address to create job alerts. By clicking on "Continue", I give CareerBliss consent to process my data and to send me email alerts, as detailed in CareerBliss's Privacy Policy. I may withdraw my consent or unsubscribe at any time. Continue
APPLY NOW
Copyright © 2025 CareerBliss. All Rights Reserved.