GRC Consultant (Governance Risk & Compliance)
Red Canari is currently looking for an enthusiastic GRC consulting to join our growing team.
Red Canari is a Canadian cybersecurity consultancy focused on delivering high quality, high assurance cyber consultancy services.
We are fortunate to enjoy mutual commitment with a global base of anchor clients operating across several sectors - Aviation & Aerospace, Finance, Healthcare, Hi-tech, Governmental Departments and Military Commands. It is our privilege and honour to help our clients navigate the security landscape and exercise due care in order to achieve higher levels of cyber resiliency.
We are world-renowned security researchers/hackers, who present proprietary projects on the world stage of cybersecurity including DEF CON and Black Hat. Our endeavour is to continuously redefine excellence in the field of information security.
We’re looking for someone who shares our passion for information security, a team player who loves to collaborate, a curious and creative mind that enjoys learning, and a trusted partner who wants to grow with us. If that sounds like you, read more about the GRC Consultant role and APPLY TODAY!
- Evaluate client needs and translate those needs into well scoped statements of work.
- Develop proposals for GRC consulting services to our clients while collaborating with the sales team.
- Plan and lead GRC assessments and consulting engagements for clients requiring GRC support or services
- Conduct audit and risk assessments alone and as part of a multi-disciplinary team.
- Effectively manage project deadlines, and collaborate with the team to provide agreed upon project timelines, schedules and time allocation
- Report to company directors and other stakeholders about on-going projects
- Carry out research to gain an understanding of clients’ business and GRC needs.
- Provide guidance on building and maturing information security programs and the implementation of tools and technologies used for enterprise security
- Develop policies and procedures for clients
- Collect and analyse data, and prepare reports
- Interface with clients to address concerns, issues, or escalations; track and drive to closure any issues that impact the service and its value to clients
- Design and implement service delivery collateral.
- Highlight areas for improvement and risk reduction.
- Present recommendations to the client.
- Provide ongoing implementation support to clients.
- Bachelor’s degree (Computer Science, Management Information Systems, Business Technology Management, or another relevant field).
- 3-5 years of experience in a Cybersecurity consulting environment.
- Passion for governance, risk, and compliance. Excellent written and verbal communication skills with high attention to detail and accuracy.
- Demonstrated interpersonal skills and professional experience with ability to efficiently network and build relationships with client groups and internal teams.
- Solid knowledge and understanding of information risk concepts and principles
- A sound understanding of the components that comprise a successful information security program
- Relevant experience with industry best-practice approaches to the governance, operation, and management of IT systems (e.g. NIST, ISO 27000, SANS Critical Controls, ITIL, COBIT, ISO 31000, etc).
- Technical knowledge of, and able to, articulate business and cybersecurity risk
- Strong stakeholder management skills including CISOs and external regulators
- Ability to define and deliver training exercises, workshops, presentations, and briefings
- Ability to successfully interface with clients and manage expectations
- Ability to document and explain technical details in a clear and concise manner
- Experience in offensive security methods
- Experience with vulnerability assessment tools and methods
- Relevant certifications such as CISSP, CRISC, CISM, CISA.
Fulfil requirements to apply for SECRET level II
Red Canari is an Equal Opportunity Employer, committed to creating and maintaining a diverse and inclusive working environment. We ensure to consider all qualifying applications because we strongly believe our diversity makes us a stronger team
Please send me your resume firstname.lastname@example.org