Cybersecurity and Compliance Program Manager

  • Full-Time
  • Lancaster, PA/Remote
  • Competitive Salary
  • This position has been filled

Website Granite GRC Consulting

Granite GRC, an established and quickly growing management consulting firm that focuses on corporate governance, risk management, and compliance, is recruiting an experienced, certified cyber security professional to join us in this rapidly growing practice area.

This leadership position includes the performance and oversight of diverse, client-facing, security-related responsibilities, including security assessments, vulnerability scanning, penetration testing, monitoring various network activity, writing and presenting reports, planning for future upgrades, and identifying and measuring potential risks with the intent to always stay ahead of attackers.

This position will work with the Manager, Information Technology and other firm personnel to manage and continue the development of a high-quality, well-organized, efficiently operated and effective corporate cyber security service within the Firm. Responsibilities may include overseeing and performing quality assurance on the work of others, leading and supporting professionalism and teamwork, assisting the firm in ensuring proper execution of client services, and similar professional activities.

The consultant will participate in the firm’s business development and marketing activities, including publishing professional writing, in professional speaking engagements, and in client development and retention.

The consultant will assist in the planning for additional personnel, and in the recruitment and selection of professionals to work with or for the Firm.

Required Certifications include at least one of the following:

  • CISSP
  • CISA
  • CISM
  • CEH

Required Experience includes:

  • Ten (10) or more years of experience in IT, with 5 or more years of experience in cyber security and risk management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management (IAM)
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security
  • Network security scanning and web security scanning
  • Penetration testing
  • IT auditing as specified by industry frameworks or policies
  • Cyber security engineering
  • Cyber incident analysis
  • Incident response and repair
  • IT compliance
  • Working knowledge and application of NIST SP 800-53, NIST SP 800-171, NIST CSF, ISO 27000 series, CIS version 8, HITRUST CSF, and similar standards

Preferred Qualifications:

  • Bachelor’s Degree in information technology, computer science or a similar field
  • Knowledge and experience with GDPR
  • Experience in professional writing
  • Experience in professional and public speaking
  • Existing client base to bring to the firm

Travel Requirements:

  • Up to 20%
  • Remote work optional, with occasional in-person meetings.